
Ice Cyber Crime Ransom Virus [Closed]


  • This topic is locked

#31
unique101sd

unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Josh,

 

I am attempting to run Farbar Recovery Scan Tool. However, the program will not run in Safe Mode. Is it OK to boot up in normal mode?


  • 0


#32
unique101sd

unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

I cannot run Administrator Mode in Safe Mode. However, it will let me double left click and run it.


  • 0

#33
Crag_Hack

Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts

Let's try without run as admin.


  • 0

#34
unique101sd

unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2014
Ran by Andre Stone (administrator) on ANDRESTONE on 21-05-2014 23:25:13
Running from C:\Documents and Settings\Andre Stone\desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\KbdMgr.exe [427296 2009-11-15] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-725345543-1659004503-839522115-1003\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe [814984 2013-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-1659004503-839522115-1003\...\MountPoints2: {19f49eb4-aa27-11df-97dd-001ff3b0c9c5} - E:\WIN\setup.exe
Startup: C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} http://www2.stlu.com...eetnoagent7.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 198.6.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Firefox\Profiles\bxpp8ck0.default-1352229856765
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Andre Stone\Application Data\mozilla\plugins\ieatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Andre Stone\Application Data\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-01]

========================== Services (Whitelisted) =================

S4 AppleOSSMgr; C:\WINDOWS\system32\AppleOSSMgr.exe [136504 2009-11-15] ()
S2 AppleTimeSrv; C:\WINDOWS\system32\AppleTimeSrv.exe [99640 2009-11-15] (Apple Inc.)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
S2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S4 MSSQL$PRISM_SQL; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 aapltctp; C:\WINDOWS\System32\DRIVERS\aapltctp.sys [4224 2008-02-08] (Apple Inc.)
R3 aapltp; C:\WINDOWS\System32\DRIVERS\aapltp.sys [35072 2008-02-08] (Apple Inc.)
S3 applebt; C:\WINDOWS\System32\DRIVERS\applebt.sys [9088 2008-04-15] (Apple Inc.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1123328 2008-02-08] (Broadcom Corp.)
S3 BthKicker; C:\WINDOWS\System32\DRIVERS\BthKicker.sys [7424 2008-02-08] (Apple Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DevUpper; C:\WINDOWS\System32\DRIVERS\iSightFT.sys [7680 2008-02-08] (Apple Inc.)
S1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
S2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [40376 2013-01-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [62512 2013-02-20] (ESET)
R3 IRRemoteFlt; C:\WINDOWS\System32\DRIVERS\IRFilter.sys [16512 2008-02-08] (Apple Inc.)
S3 iSightUpdate; C:\WINDOWS\System32\DRIVERS\iSightUP.sys [17664 2008-02-08] (Apple Inc.)
S2 KeyAgent; C:\WINDOWS\system32\drivers\KeyAgent.sys [5760 2009-11-15] (Apple Inc.)
R3 KeyMagic; C:\WINDOWS\System32\DRIVERS\KeyMagic.sys [23552 2009-10-16] (Apple Inc.)
S2 MacHALDriver; C:\WINDOWS\system32\drivers\MacHALDriver.sys [6528 2008-02-08] (Apple Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [27072 2008-10-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [24840 2008-10-15] ()
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [255232 2008-02-08] (Marvell)
S3 catchme; \??\C:\DOCUME~1\ANDRES~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 Nmea; system32\DRIVERS\pctnullport.sys [X]
S3 PCTINDIS5; \??\C:\WINDOWS\system32\PCTINDIS5.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 23:25 - 2014-05-21 23:25 - 00012944 _____ () C:\Documents and Settings\Andre Stone\desktop\FRST.txt
2014-05-21 23:24 - 2014-05-21 23:25 - 00000000 ___DC () C:\FRST
2014-05-21 23:12 - 2014-05-21 23:11 - 01056768 _____ (Farbar) C:\Documents and Settings\Andre Stone\desktop\FRST.exe
2014-05-21 23:06 - 2014-05-21 23:06 - 00001970 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_D_05212014_230629.txt
2014-05-21 23:05 - 2014-05-21 23:05 - 00001918 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_230556.txt
2014-05-21 00:43 - 2014-05-21 00:43 - 00002266 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_004336.txt
2014-05-21 00:40 - 2014-05-21 23:06 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\RK_Quarantine
2014-05-21 00:32 - 2014-05-21 00:32 - 00002146 _____ () C:\Documents and Settings\Andre Stone\desktop\aswMBR.txt
2014-05-21 00:32 - 2014-05-21 00:32 - 00000512 _____ () C:\Documents and Settings\Andre Stone\desktop\MBR.dat
2014-05-20 23:55 - 2014-05-20 23:53 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Andre Stone\desktop\aswMBR.exe
2014-05-20 23:23 - 2014-05-20 23:23 - 00001034 _____ () C:\Documents and Settings\Andre Stone\desktop\ListCrilock.txt
2014-05-19 00:12 - 2014-05-19 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\2992199F9A
2014-05-15 19:22 - 2014-05-15 19:36 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00191346.xls
2014-05-15 10:45 - 2014-05-15 10:45 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00187430.xls
2014-05-14 22:02 - 2014-05-14 22:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-13 08:23 - 2014-05-13 08:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
2014-05-10 02:38 - 2014-05-10 02:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 10:21 - 2014-05-09 10:21 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00190482.xls
2014-05-09 09:39 - 2014-05-09 09:39 - 00000000 ____D () C:\Program Files\Paperwork
2014-05-09 09:31 - 2014-05-09 09:32 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\Grant Kingsbury
2014-05-05 16:53 - 2014-05-05 16:53 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00188564.xls
2014-05-02 12:26 - 2014-05-02 12:27 - 00005597 _____ () C:\WINDOWS\KB2964358-IE7.log
2014-05-02 09:41 - 2014-05-02 09:41 - 02071040 _____ () C:\Documents and Settings\Andre Stone\desktop\MFP_MVP_041414.xls
2014-04-27 00:26 - 2014-04-27 00:25 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042714-01.dmp
2014-04-24 10:00 - 2014-04-24 11:29 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prime Flight

==================== One Month Modified Files and Folders =======

2014-05-21 23:25 - 2014-05-21 23:25 - 00012944 _____ () C:\Documents and Settings\Andre Stone\desktop\FRST.txt
2014-05-21 23:25 - 2014-05-21 23:24 - 00000000 ___DC () C:\FRST
2014-05-21 23:11 - 2014-05-21 23:12 - 01056768 _____ (Farbar) C:\Documents and Settings\Andre Stone\desktop\FRST.exe
2014-05-21 23:06 - 2014-05-21 23:06 - 00001970 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_D_05212014_230629.txt
2014-05-21 23:06 - 2014-05-21 00:40 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\RK_Quarantine
2014-05-21 23:05 - 2014-05-21 23:05 - 00001918 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_230556.txt
2014-05-21 01:30 - 2014-02-24 01:49 - 00000000 ___RD () C:\Documents and Settings\Andre Stone\My Documents\Dropbox
2014-05-21 01:30 - 2008-06-17 18:47 - 00000178 ___SH () C:\Documents and Settings\Andre Stone\ntuser.ini
2014-05-21 01:30 - 2008-06-17 18:41 - 01112383 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-21 00:43 - 2014-05-21 00:43 - 00002266 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_004336.txt
2014-05-21 00:39 - 2014-02-24 01:47 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\Dropbox
2014-05-21 00:32 - 2014-05-21 00:32 - 00002146 _____ () C:\Documents and Settings\Andre Stone\desktop\aswMBR.txt
2014-05-21 00:32 - 2014-05-21 00:32 - 00000512 _____ () C:\Documents and Settings\Andre Stone\desktop\MBR.dat
2014-05-20 23:53 - 2014-05-20 23:55 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Andre Stone\desktop\aswMBR.exe
2014-05-20 23:23 - 2014-05-20 23:23 - 00001034 _____ () C:\Documents and Settings\Andre Stone\desktop\ListCrilock.txt
2014-05-19 22:56 - 2008-06-17 18:46 - 00032464 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-19 22:56 - 2008-06-17 18:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-19 22:56 - 2008-06-17 18:17 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2014-05-19 22:56 - 2008-06-17 18:17 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-19 22:54 - 2014-05-19 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\2992199F9A
2014-05-19 22:54 - 2014-03-07 14:37 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-19 15:19 - 2011-01-13 17:54 - 00328733 _____ () C:\WINDOWS\setupapi.log
2014-05-19 15:14 - 2010-05-14 10:37 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Legal Vertical
2014-05-19 06:14 - 2014-03-17 09:05 - 00000526 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
2014-05-18 03:19 - 2004-08-04 05:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-15 19:36 - 2014-05-15 19:22 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00191346.xls
2014-05-15 18:22 - 2010-01-12 11:55 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Montag and Nadalin
2014-05-15 18:12 - 2012-04-19 10:06 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Krause Kalfayan
2014-05-15 16:47 - 2013-09-04 19:20 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 16:46 - 2008-07-25 16:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-15 10:45 - 2014-05-15 10:45 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00187430.xls
2014-05-14 22:07 - 2008-06-18 23:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-05-14 22:06 - 2013-07-10 16:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 22:03 - 2009-03-31 22:15 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 22:02 - 2014-05-14 22:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:19 - 2013-03-06 21:04 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Townspeople
2014-05-13 08:36 - 2014-05-13 08:23 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
2014-05-13 08:35 - 2011-02-22 19:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Phase II
2014-05-13 07:49 - 2014-03-31 15:44 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Blending Calculator
2014-05-12 15:35 - 2014-02-24 01:49 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\DropboxMaster
2014-05-12 13:32 - 2008-06-19 00:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-05-12 13:31 - 2011-01-20 11:31 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\MiresBall
2014-05-12 07:14 - 2008-06-17 18:42 - 00001515 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-05-10 18:07 - 2008-06-17 18:14 - 00631012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-10 08:30 - 2012-04-25 16:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 02:39 - 2014-05-10 02:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 16:52 - 2013-10-23 07:04 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Ringler and Associates
2014-05-09 15:18 - 2014-03-31 16:17 - 00079872 _____ () C:\Documents and Settings\Andre Stone\desktop\Copy of Monthly Tracker Andre FY14.xls
2014-05-09 15:18 - 2013-02-28 17:40 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\A Grant Kingsbury
2014-05-09 12:32 - 2014-02-24 01:49 - 00001050 _____ () C:\Documents and Settings\Andre Stone\desktop\Dropbox.lnk
2014-05-09 12:32 - 2014-02-24 01:48 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Start Menu\Programs\Dropbox
2014-05-09 10:21 - 2014-05-09 10:21 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00190482.xls
2014-05-09 09:39 - 2014-05-09 09:39 - 00000000 ____D () C:\Program Files\Paperwork
2014-05-09 09:39 - 2011-03-10 10:56 - 00000654 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Paperwork.lnk
2014-05-09 09:39 - 2011-03-10 10:56 - 00000648 _____ () C:\Documents and Settings\All Users\desktop\Paperwork.lnk
2014-05-09 09:32 - 2014-05-09 09:31 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\Grant Kingsbury
2014-05-08 16:59 - 2014-03-07 14:37 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-07 12:23 - 2014-03-31 16:42 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Reference List
2014-05-05 16:53 - 2014-05-05 16:53 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00188564.xls
2014-05-05 09:28 - 2014-03-31 10:58 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prospect Lists
2014-05-02 12:27 - 2014-05-02 12:26 - 00005597 _____ () C:\WINDOWS\KB2964358-IE7.log
2014-05-02 12:27 - 2014-02-25 19:16 - 00159680 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-05-02 12:27 - 2008-06-22 05:28 - 00437845 _____ () C:\WINDOWS\updspapi.log
2014-05-02 12:27 - 2008-06-17 18:14 - 02921713 _____ () C:\WINDOWS\FaxSetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01418261 _____ () C:\WINDOWS\ocgen.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01347521 _____ () C:\WINDOWS\tsoc.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01174320 _____ () C:\WINDOWS\iis6.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00926350 _____ () C:\WINDOWS\comsetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00896422 _____ () C:\WINDOWS\msmqinst.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00561330 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00515037 _____ () C:\WINDOWS\netfxocm.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00203241 _____ () C:\WINDOWS\MedCtrOC.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00152415 _____ () C:\WINDOWS\ocmsn.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00147578 _____ () C:\WINDOWS\tabletoc.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00147135 _____ () C:\WINDOWS\msgsocm.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-02 11:23 - 2012-10-25 01:11 - 00013167 _____ () C:\Documents and Settings\Andre Stone\Application Data\Rim.DesktopHelper.Exception.log
2014-05-02 11:23 - 2012-10-25 01:11 - 00013090 _____ () C:\Documents and Settings\Andre Stone\Application Data\Rim.Desktop.Exception.log
2014-05-02 09:41 - 2014-05-02 09:41 - 02071040 _____ () C:\Documents and Settings\Andre Stone\desktop\MFP_MVP_041414.xls
2014-04-30 01:01 - 2004-08-04 05:00 - 03628032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 01:01 - 2004-08-04 05:00 - 03628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 19:03 - 2014-03-18 10:43 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\GSDBA
2014-04-29 18:24 - 2013-02-01 10:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Photos
2014-04-29 17:36 - 2008-06-17 18:13 - 00229133 _____ () C:\WINDOWS\setupact.log
2014-04-29 11:34 - 2012-09-25 20:13 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\Spotify
2014-04-29 11:29 - 2012-09-25 20:14 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Spotify
2014-04-27 00:25 - 2014-04-27 00:26 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042714-01.dmp
2014-04-25 09:52 - 2010-02-24 09:47 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Tectonics
2014-04-25 08:37 - 2011-03-18 14:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Lesar Development
2014-04-24 11:29 - 2014-04-24 10:00 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prime Flight
2014-04-24 10:25 - 2014-04-03 18:59 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\April Pricing
2014-04-22 09:25 - 2011-10-27 10:27 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Spectrum Properties
2014-04-22 08:26 - 2009-07-04 20:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-04-21 19:43 - 2014-03-31 16:38 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Account Move

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Andre Stone\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuujzhk.dll
C:\Documents and Settings\Andre Stone\Local Settings\temp\ntdll_dump.dll
C:\Documents and Settings\Andre Stone\Local Settings\temp\PukN.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-05-2014
Ran by Andre Stone at 2014-05-21 23:26:23
Running from C:\Documents and Settings\Andre Stone\desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

==================== Installed Programs ======================

Adobe Acrobat 7.0 Professional (Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional (HKLM\...\Adobe Acrobat 7.0 Professional) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp Services (HKLM\...\{F0E45628-1218-4865-A516-8E8A54272ADC}) (Version: 2.2.0 - Apple Inc.)
Citrix Online Launcher (HKLM\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)
Corel WinDVD (Version: 11 - Corel Inc.) Hidden
Corel WinDVD Pro 11 (HKLM\...\_{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}) (Version: 11.0.0.342 - Corel Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.0 - Dropbox, Inc.)
eCopy PaperWorks (HKLM\...\{C6A4A94C-534F-4C0B-B10D-5FCB3E54F5B2}) (Version: 2009.0.0.150 - eCopy, Inc.)
ESET Smart Security (HKLM\...\{FBFA7DDB-4188-457E-BD16-81B26E2B447C}) (Version: 6.0.316.0 - ESET, spol s r. o.)
Glary Utilities 2.6.1 (HKLM\...\Glary Utilities_is1) (Version:  - GlaryUtilities.com)
GoToMeeting 6.3.0.1415 (HKCU\...\GoToMeeting) (Version: 6.3.0.1415 - CitrixOnline)
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
ICA (Version: 1.0 - Corel Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
IPM (Version: 1.00.0000 - Corel Inc.) Hidden
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java DB 10.4.2.1 (HKLM\...\{926C96FB-9D0A-4504-8000-C6D3A4A3118E}) (Version: 10.4.2.1 - Sun Microsystems, Inc)
Java™ 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Java™ 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Java™ SE Development Kit 6 Update 14 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160140}) (Version: 1.6.0.140 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KONICA MINOLTA C652Series (HKLM\...\KONICA MINOLTA C652Series Installer) (Version:  - KONICA MINOLTA)
Learn.com Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (PRISM_SQL) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version:  - )
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Paperwork (HKLM\...\com.kmbs.Paperwork.A297539FD1E76821C9C59643DA1370B7E26631B8.1) (Version: 4.4.34 - UNKNOWN)
Paperwork (Version: 4.4.34 - UNKNOWN) Hidden
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5512 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 11.0 - Corel Inc.) Hidden
Siebel Outlook Email Integration On Demand (HKLM\...\{26A9D866-8410-4F9C-A6F2-FA11DADD7A4C}) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update for Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB942763) (HKLM\...\KB942763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Apple Inc. (applebt) Bluetooth  (04/06/2008 2.1.0.1) (HKLM\...\02FEC2FAAA7DED51CAF15F06DB8B63E735EE735C) (Version: 04/06/2008 2.1.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. (applebt) Bluetooth  (11/13/2007 2.0.1.5) (HKLM\...\15749019150B76CBADCF00B88C88E85C16A26FF1) (Version: 11/13/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (01/11/2008 3.4.3.18) (HKLM\...\AD3493E108434977125BBF78F47699626F8AF64B) (Version: 01/11/2008 3.4.3.18 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\9324ED54E32F5399037F87E076CA01C6CEB92830) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (12/19/2007 2.0.2.0) (HKLM\...\D3BCC671821E117ACD653C1AA146540791143F25) (Version: 12/19/2007 2.0.2.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (11/01/2007 2.0.1.1) (HKLM\...\2CA2C2712E3120F27F44A38A6FA5540D9A93CA01) (Version: 11/01/2007 2.0.1.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (03/10/2008 2.1.0.0) (HKLM\...\AD3F97DB12E1CE21FA0120AB7CE80FADD54FC0AB) (Version: 03/10/2008 2.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\F2AE684ADF164A03D9FFABF28F04DDE05ED67BC5) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (12/18/2007 2.0.2.3) (HKLM\...\F8438DF02326129F7A78E93130D90DA5C4F3D359) (Version: 12/18/2007 2.0.2.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (09/10/2009 3.0.0.0) (HKLM\...\CD6212024668E03491C257CA53617893F2E8E924) (Version: 09/10/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (12/18/2007 2.0.1.10) (HKLM\...\144A90A8644F24BDCA0607CBAE7F90C2F5427DA4) (Version: 12/18/2007 2.0.1.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (09/10/2009 3.0.0.0) (HKLM\...\6B401A4481C0B1B07B5D7425378A5C00FF7D75DE) (Version: 09/10/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (12/18/2007 2.0.1.10) (HKLM\...\F5A89004299B5282B8B5D7D9F7253FF13C58628F) (Version: 12/18/2007 2.0.1.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2) (HKLM\...\B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69) (Version: 01/17/2008 2.0.2.2 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad (10/09/2007 2.0.1.5) (HKLM\...\992615C0D0002C27AA3BB336C66D1E7764047A51) (Version: 10/09/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (10/09/2007 2.0.1.5) (HKLM\...\D1E46C4F35C591B14E31349A9EDA8227C5F0E966) (Version: 10/09/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\3F930CC3EE841B82D6D463716B5F67BD240BBD46) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. System  (09/12/2007 2.0.1.1) (HKLM\...\C71CD722DD357F78301EAEA028431241C2D91890) (Version: 09/12/2007 2.0.1.1 - Apple Inc.)
Windows Driver Package - Atheros (AR5211) Net  (04/05/2007 5.3.0.35) (HKLM\...\CE031DF97C704035E8B6E570362ABD337ACA4BA5) (Version: 04/05/2007 5.3.0.35 - Atheros)
Windows Driver Package - Atheros (AR5416) Net  (06/26/2007 6.0.3.94) (HKLM\...\D66D0ACEFE4E32CCDF30362ACBB3EAEFB97E9FDE) (Version: 06/26/2007 6.0.3.94 - Atheros)
Windows Driver Package - Broadcom (BCM43XX) Net  (09/20/2007 4.170.25.12) (HKLM\...\D922ADD1498E7464ED76231D79D703FC1320C80C) (Version: 09/20/2007 4.170.25.12 - Broadcom)
Windows Driver Package - CirrusLogic (HdAudAddService) MEDIA  (09/15/2009 1.0.0.26) (HKLM\...\8BBE3DC2B1A38488ADAF1D96E1296F4F88B7F69C) (Version: 09/15/2009 1.0.0.26 - CirrusLogic)
Windows Driver Package - Intel (E1000) Net  (01/06/2006 8.6.17.0) (HKLM\...\80087CDF19A4CE2FBB535E7DC99A0E50FFA25589) (Version: 01/06/2006 8.6.17.0 - Intel)
Windows Driver Package - Intel (e1express) Net  (04/03/2006 9.3.39.0) (HKLM\...\18BB9B0552BA675902E31409A34F929D9C9AD56C) (Version: 04/03/2006 9.3.39.0 - Intel)
Windows Driver Package - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\82BE89CA9B7493FA05D2D4D32B415CF07EA08B47) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Driver Package - Marvell (yukonwxp) Net  (03/23/2007 10.12.7.3) (HKLM\...\6AB59209597E0F6B986EC8E976521FDF0A696C9D) (Version: 03/23/2007 10.12.7.3 - Marvell)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

==================== Restore Points  =========================

11-04-2014 05:21:24 System Checkpoint
12-04-2014 08:25:47 System Checkpoint
13-04-2014 09:56:58 System Checkpoint
14-04-2014 11:58:39 System Checkpoint
15-04-2014 12:26:45 System Checkpoint
16-04-2014 16:22:02 System Checkpoint
18-04-2014 14:30:09 System Checkpoint
20-04-2014 03:35:06 System Checkpoint
21-04-2014 03:46:07 System Checkpoint
22-04-2014 05:00:34 System Checkpoint
23-04-2014 05:16:30 System Checkpoint
24-04-2014 13:07:38 System Checkpoint
25-04-2014 15:16:47 System Checkpoint
26-04-2014 15:39:07 System Checkpoint
27-04-2014 16:22:36 System Checkpoint
29-04-2014 04:55:37 System Checkpoint
30-04-2014 09:02:23 System Checkpoint
01-05-2014 21:09:26 System Checkpoint
02-05-2014 19:25:44 Software Distribution Service 3.0
04-05-2014 08:25:13 System Checkpoint
05-05-2014 09:08:38 System Checkpoint
06-05-2014 09:39:06 System Checkpoint
07-05-2014 09:41:06 System Checkpoint
08-05-2014 09:49:36 System Checkpoint
09-05-2014 20:21:06 System Checkpoint
12-05-2014 23:26:57 System Checkpoint
13-05-2014 23:38:26 System Checkpoint
15-05-2014 00:21:13 System Checkpoint
15-05-2014 05:01:09 Software Distribution Service 3.0
17-05-2014 15:11:56 System Checkpoint
19-05-2014 01:35:19 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 05:00 - 2009-07-06 05:46 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job => C:\Program Files\Citrix\GoToMeeting\1415\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2014-05-10 02:38 - 2014-05-10 02:39 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Push Client.LNK => C:\WINDOWS\pss\Push Client.LNKCommon Startup
MSCONFIG\startupreg: 10680154 => C:\Documents and Settings\All Users\Application Data\10680154\10680154.exe
MSCONFIG\startupreg: 90690146 => C:\Documents and Settings\All Users\Application Data\90690146\90690146.exe
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: eCopyPWPrntHlpr => "C:\Program Files\PaperWorks\Bin\eCopyPWPrntHlpr.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IRW => C:\WINDOWS\system32\IRW.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: Spotify => "C:\Documents and Settings\Andre Stone\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Documents and Settings\Andre Stone\Application Data\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: updateMgr => C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2014 10:55:41 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/19/2014 03:03:29 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/19/2014 06:34:17 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/18/2014 06:06:13 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/18/2014 03:20:00 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/17/2014 02:02:40 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/16/2014 05:05:46 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/16/2014 00:59:25 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/16/2014 07:49:35 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.

Error: (05/15/2014 04:44:00 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.


System errors:
=============
Error: (05/21/2014 11:23:11 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/21/2014 10:41:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eamon
ehdrv
Fips
intelppm

Error: (05/21/2014 10:40:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/21/2014 01:30:02 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/21/2014 00:54:35 AM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/20/2014 11:43:04 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1058" attempting to start the service dmadmin with arguments "/com"
in order to run the server:
{4FB6BB00-3347-11D0-B40A-00AA005FF586}

Error: (05/20/2014 11:25:49 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/20/2014 11:25:23 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/20/2014 11:20:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/20/2014 11:19:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eamon
ehdrv
Fips
intelppm


Microsoft Office Sessions:
=========================
Error: (05/12/2014 01:23:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 74 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:23:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:23:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:23:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:43 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/12/2014 01:22:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 2012.72 MB
Available physical RAM: 1686.83 MB
Total Pagefile: 3909.4 MB
Available Pagefile: 3804.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.35 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:31.69 GB) (Free:2.55 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 00001483)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=201 GB) - (Type=AF)
Partition 3: (Active) - (Size=32 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#35
unique101sd

    Member

  • Topic Starter
  • 65 posts

Farbar Service Scanner Version: 21-05-2014
Ran by Andre Stone (administrator) on 21-05-2014 at 23:35:20
Running from "C:\Documents and Settings\Andre Stone\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Epfwndis(22) epfwtdi(23) Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(8) Tcpip(4)
0x170000000500000001000000020000000300000004000000170000001500000013000000110000000F0000000D0000000A000000060000000700000008000000090000000B0000000C0000000E00000010000000120000001400000016000000
IpSec Tag value is correct.

**** End of log ****



#36
Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts

Hi unique.  I will look over your logs first thing tomorrow.  Let's get one more log just to be on the thorough side.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


#37
Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts

By the way, we're almost done with the core steps. :geek:



#38
unique101sd

    Member

  • Topic Starter
  • 65 posts

Hi Josh,

Yay! I'm glad to hear that we've almost completed the core section.

I had a few challenges downloading Kaspersky. I could not use the link you sent me on either one of my computers. I ended up downloading it from CNET. Also, after the reboot, it did not launch automatically. However, I was able to complete the scan. I hope that I did it correctly.

Here is the log.

00:18:10.0968 0x044c  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
00:18:15.0000 0x044c  ============================================================
00:18:15.0000 0x044c  Current date / time: 2014/05/22 00:18:15.0000
00:18:15.0000 0x044c  SystemInfo:
00:18:15.0000 0x044c  
00:18:15.0000 0x044c  OS Version: 5.1.2600 ServicePack: 3.0
00:18:15.0000 0x044c  Product type: Workstation
00:18:15.0000 0x044c  ComputerName: ANDRESTONE
00:18:15.0000 0x044c  UserName: Andre Stone
00:18:15.0000 0x044c  Windows directory: C:\WINDOWS
00:18:15.0000 0x044c  System windows directory: C:\WINDOWS
00:18:15.0000 0x044c  Processor architecture: Intel x86
00:18:15.0000 0x044c  Number of processors: 2
00:18:15.0000 0x044c  Page size: 0x1000
00:18:15.0000 0x044c  Boot type: Safe boot with network
00:18:15.0000 0x044c  ============================================================
00:18:15.0000 0x044c  BG loaded
00:18:15.0109 0x044c  System UUID: {6CF3894D-EB6E-95F2-F830-21798B167D0F}
00:18:15.0703 0x044c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:18:15.0703 0x044c  ============================================================
00:18:15.0703 0x044c  \Device\Harddisk0\DR0:
00:18:15.0703 0x044c  GPT partitions:
00:18:15.0703 0x044c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {00002950-6412-0000-835B-0000222F0000}, Name: EFI system partition, StartLBA 0x28, BlocksNum 0x64000
00:18:15.0703 0x044c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {48465300-0000-11AA-AA11-00306543ECAC}, UniqueGUID: {00004D20-07F8-0000-2016-0000252B0000}, Name: Customer, StartLBA 0x64028, BlocksNum 0x191C0000
00:18:15.0703 0x044c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74FD2118-1C3E-4C44-BCDA-22F5CF48C1EC}, Name: Untitled, StartLBA 0x19264028, BlocksNum 0x3F61920
00:18:15.0703 0x044c  MBR partitions:
00:18:15.0703 0x044c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x19264028, BlocksNum 0x3F61920
00:18:15.0703 0x044c  ============================================================
00:18:15.0765 0x044c  C: <-> \Device\Harddisk0\DR0\Partition4
00:18:15.0765 0x044c  ============================================================
00:18:15.0765 0x044c  Initialize success
00:18:15.0765 0x044c  ============================================================
00:19:14.0609 0x00ec  ============================================================
00:19:14.0609 0x00ec  Scan started
00:19:14.0609 0x00ec  Mode: Manual;
00:19:14.0609 0x00ec  ============================================================
00:19:14.0609 0x00ec  KSN ping started
00:19:15.0765 0x00ec  KSN ping finished: true
00:19:17.0593 0x00ec  ================ Scan system memory ========================
00:19:17.0593 0x00ec  System memory - ok
00:19:17.0593 0x00ec  ================ Scan services =============================
00:19:25.0671 0x00ec  KeyAgent - ok
00:19:25.0687 0x00ec  [ F0135C184560C73AACD53AD07A9AA434, C8F8D0147EDFC4472B4240E84527D51FC7A004E70EFB4EEF79F4773698D8485D ] KeyMagic        C:\WINDOWS\system32\DRIVERS\KeyMagic.sys
00:19:25.0687 0x00ec  KeyMagic - ok
00:19:25.0718 0x00ec  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
00:19:25.0734 0x00ec  kmixer - ok
00:19:25.0781 0x00ec  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
00:19:25.0781 0x00ec  KSecDD - ok
00:19:25.0812 0x00ec  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
00:19:25.0828 0x00ec  lanmanserver - ok
00:19:25.0859 0x00ec  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:19:25.0859 0x00ec  lanmanworkstation - ok
00:19:25.0875 0x00ec  lbrtfdc - ok
00:19:25.0968 0x00ec  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
00:19:25.0968 0x00ec  LmHosts - ok
00:19:26.0015 0x00ec  [ 67817E31ACB988465AAFE7D51888002B, C641E4A8976D6FBB8486E1655A17A96AFCB64DB72896EE05D90F71D314D419E6 ] MacHALDriver    C:\WINDOWS\system32\drivers\MacHALDriver.sys
00:19:26.0015 0x00ec  MacHALDriver - ok
00:19:26.0046 0x00ec  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
00:19:26.0046 0x00ec  MBAMProtector - ok
00:19:26.0156 0x00ec  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:19:26.0156 0x00ec  MBAMScheduler - ok
00:19:26.0234 0x00ec  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
00:19:26.0265 0x00ec  MBAMService - ok
00:19:26.0375 0x00ec  [ DDCC236009C707761D60E5C76D639176, 7D88944E4DC258C9B7B23E44CAF515BBB2A6E3831CF059AC03DF2CDB3953A04C ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
00:19:26.0484 0x00ec  McComponentHostService - ok
00:19:26.0625 0x00ec  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
00:19:26.0640 0x00ec  MDM - ok
00:19:26.0687 0x00ec  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
00:19:26.0687 0x00ec  Messenger - ok
00:19:26.0734 0x00ec  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
00:19:26.0734 0x00ec  mnmdd - ok
00:19:26.0765 0x00ec  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
00:19:26.0781 0x00ec  mnmsrvc - ok
00:19:26.0812 0x00ec  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
00:19:26.0812 0x00ec  Modem - ok
00:19:26.0828 0x00ec  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:19:26.0828 0x00ec  Mouclass - ok
00:19:26.0875 0x00ec  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:19:26.0875 0x00ec  mouhid - ok
00:19:26.0906 0x00ec  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
00:19:26.0906 0x00ec  MountMgr - ok
00:19:26.0953 0x00ec  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:19:26.0968 0x00ec  MozillaMaintenance - ok
00:19:26.0984 0x00ec  mraid35x - ok
00:19:27.0015 0x00ec  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:19:27.0031 0x00ec  MRxDAV - ok
00:19:27.0109 0x00ec  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:19:27.0125 0x00ec  MRxSmb - ok
00:19:27.0156 0x00ec  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
00:19:27.0156 0x00ec  MSDTC - ok
00:19:27.0234 0x00ec  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
00:19:27.0234 0x00ec  Msfs - ok
00:19:27.0234 0x00ec  MSIServer - ok
00:19:27.0265 0x00ec  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:19:27.0265 0x00ec  MSKSSRV - ok
00:19:27.0296 0x00ec  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:19:27.0296 0x00ec  MSPCLOCK - ok
00:19:27.0328 0x00ec  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
00:19:27.0328 0x00ec  MSPQM - ok
00:19:27.0343 0x00ec  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:19:27.0343 0x00ec  mssmbios - ok
00:19:27.0468 0x00ec  MSSQL$PRISM_SQL - ok
00:19:27.0546 0x00ec  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
00:19:27.0546 0x00ec  MSSQLServerADHelper - ok
00:19:27.0562 0x00ec  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
00:19:27.0562 0x00ec  MSTEE - ok
00:19:27.0625 0x00ec  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
00:19:27.0625 0x00ec  Mup - ok
00:19:27.0671 0x00ec  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:19:27.0671 0x00ec  NABTSFEC - ok
00:19:27.0750 0x00ec  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
00:19:27.0765 0x00ec  napagent - ok
00:19:27.0843 0x00ec  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
00:19:27.0859 0x00ec  NDIS - ok
00:19:27.0890 0x00ec  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:19:27.0890 0x00ec  NdisIP - ok
00:19:27.0937 0x00ec  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:19:27.0937 0x00ec  NdisTapi - ok
00:19:27.0984 0x00ec  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:19:27.0984 0x00ec  Ndisuio - ok
00:19:28.0000 0x00ec  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:19:28.0000 0x00ec  NdisWan - ok
00:19:28.0062 0x00ec  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
00:19:28.0062 0x00ec  NDProxy - ok
00:19:28.0093 0x00ec  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
00:19:28.0093 0x00ec  NetBIOS - ok
00:19:28.0140 0x00ec  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
00:19:28.0140 0x00ec  NetBT - ok
00:19:28.0187 0x00ec  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
00:19:28.0203 0x00ec  NetDDE - ok
00:19:28.0203 0x00ec  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
00:19:28.0218 0x00ec  NetDDEdsdm - ok
00:19:28.0250 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
00:19:28.0250 0x00ec  Netlogon - ok
00:19:28.0281 0x00ec  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
00:19:28.0296 0x00ec  Netman - ok
00:19:28.0390 0x00ec  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:19:28.0406 0x00ec  NetTcpPortSharing - ok
00:19:28.0421 0x00ec  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:19:28.0437 0x00ec  NIC1394 - ok
00:19:28.0468 0x00ec  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
00:19:28.0468 0x00ec  Nla - ok
00:19:28.0500 0x00ec  Nmea - ok
00:19:28.0546 0x00ec  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
00:19:28.0546 0x00ec  Npfs - ok
00:19:28.0593 0x00ec  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
00:19:28.0625 0x00ec  Ntfs - ok
00:19:28.0656 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
00:19:28.0656 0x00ec  NtLmSsp - ok
00:19:28.0718 0x00ec  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
00:19:28.0718 0x00ec  NtmsSvc - ok
00:19:28.0750 0x00ec  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
00:19:28.0750 0x00ec  Null - ok
00:19:28.0796 0x00ec  [ 0973C0C696780161F4526586D5EAC422, ED0DFB4EACA6A8E9CF92B217FD362F2665535B340C071E9CD7A47EFB8150C50C ] NWADI           C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
00:19:28.0812 0x00ec  NWADI - ok
00:19:28.0843 0x00ec  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:19:28.0843 0x00ec  NwlnkFlt - ok
00:19:28.0875 0x00ec  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:19:28.0875 0x00ec  NwlnkFwd - ok
00:19:28.0953 0x00ec  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:19:28.0968 0x00ec  odserv - ok
00:19:29.0000 0x00ec  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:19:29.0000 0x00ec  ohci1394 - ok
00:19:29.0046 0x00ec  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:19:29.0062 0x00ec  ose - ok
00:19:29.0109 0x00ec  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
00:19:29.0109 0x00ec  Parport - ok
00:19:29.0125 0x00ec  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
00:19:29.0125 0x00ec  PartMgr - ok
00:19:29.0156 0x00ec  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
00:19:29.0156 0x00ec  ParVdm - ok
00:19:29.0203 0x00ec  [ 1961590AA191B6B7DCF18A6A693AF7B8, 69DB6D42DB4EB8C77DC927FA946D115C19A936ADBD2F5677CBB5039401D6EFD0 ] PCASp50         C:\WINDOWS\system32\Drivers\PCASp50.sys
00:19:29.0203 0x00ec  PCASp50 - ok
00:19:29.0234 0x00ec  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
00:19:29.0234 0x00ec  PCI - ok
00:19:29.0250 0x00ec  PCIDump - ok
00:19:29.0312 0x00ec  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
00:19:29.0312 0x00ec  PCIIde - ok
00:19:29.0343 0x00ec  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
00:19:29.0343 0x00ec  Pcmcia - ok
00:19:29.0359 0x00ec  PCTINDIS5 - ok
00:19:29.0375 0x00ec  PDCOMP - ok
00:19:29.0390 0x00ec  PDFRAME - ok
00:19:29.0406 0x00ec  PDRELI - ok
00:19:29.0437 0x00ec  PDRFRAME - ok
00:19:29.0453 0x00ec  perc2 - ok
00:19:29.0468 0x00ec  perc2hib - ok
00:19:29.0531 0x00ec  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
00:19:29.0546 0x00ec  PlugPlay - ok
00:19:29.0562 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
00:19:29.0562 0x00ec  PolicyAgent - ok
00:19:29.0609 0x00ec  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:19:29.0609 0x00ec  PptpMiniport - ok
00:19:29.0609 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:19:29.0609 0x00ec  ProtectedStorage - ok
00:19:29.0640 0x00ec  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
00:19:29.0640 0x00ec  PSched - ok
00:19:29.0687 0x00ec  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
00:19:29.0703 0x00ec  PSI_SVC_2 - ok
00:19:29.0734 0x00ec  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:19:29.0734 0x00ec  Ptilink - ok
00:19:29.0750 0x00ec  ql1080 - ok
00:19:29.0765 0x00ec  Ql10wnt - ok
00:19:29.0781 0x00ec  ql12160 - ok
00:19:29.0796 0x00ec  ql1240 - ok
00:19:29.0812 0x00ec  ql1280 - ok
00:19:29.0843 0x00ec  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:19:29.0843 0x00ec  RasAcd - ok
00:19:29.0875 0x00ec  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
00:19:29.0890 0x00ec  RasAuto - ok
00:19:29.0921 0x00ec  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:19:29.0921 0x00ec  Rasl2tp - ok
00:19:29.0984 0x00ec  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
00:19:29.0984 0x00ec  RasMan - ok
00:19:30.0000 0x00ec  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:19:30.0000 0x00ec  RasPppoe - ok
00:19:30.0015 0x00ec  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
00:19:30.0015 0x00ec  Raspti - ok
00:19:30.0062 0x00ec  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:19:30.0078 0x00ec  Rdbss - ok
00:19:30.0093 0x00ec  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:19:30.0093 0x00ec  RDPCDD - ok
00:19:30.0125 0x00ec  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:19:30.0125 0x00ec  rdpdr - ok
00:19:30.0171 0x00ec  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
00:19:30.0187 0x00ec  RDPWD - ok
00:19:30.0203 0x00ec  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
00:19:30.0218 0x00ec  RDSessMgr - ok
00:19:30.0250 0x00ec  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
00:19:30.0250 0x00ec  redbook - ok
00:19:30.0281 0x00ec  [ 24D3B49DAB660A8B8AFA40240E735E24, 1CA5554C582ADB83476B989845509FD1A1E82DAC627847A7209F9B39E472D8A7 ] regi            C:\WINDOWS\system32\drivers\regi.sys
00:19:30.0281 0x00ec  regi - ok
00:19:30.0312 0x00ec  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
00:19:30.0312 0x00ec  RemoteAccess - ok
00:19:30.0343 0x00ec  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
00:19:30.0359 0x00ec  RemoteRegistry - ok
00:19:30.0406 0x00ec  [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
00:19:30.0406 0x00ec  RFCOMM - ok
00:19:30.0453 0x00ec  [ 4F4A4C09CC5BE58A76CAC1C337E004E6, 5DFFB1C60709A80DAC46BCBB9BA76408332A681EFA6ABB330CD74236109F4296 ] RimUsb          C:\WINDOWS\system32\Drivers\RimUsb.sys
00:19:30.0453 0x00ec  RimUsb - ok
00:19:30.0515 0x00ec  [ 3A5633AD615E2B15291BD0B1B97CCD8A, 17E6FE788E8FBC6CB84B68F49FAFB4F63398EA97D89AACF677B338464B68E2AD ] RimVSerPort     C:\WINDOWS\system32\DRIVERS\RimSerial.sys
00:19:30.0562 0x00ec  RimVSerPort - ok
00:19:30.0609 0x00ec  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
00:19:30.0609 0x00ec  ROOTMODEM - ok
00:19:30.0656 0x00ec  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
00:19:30.0687 0x00ec  RpcLocator - ok
00:19:30.0734 0x00ec  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
00:19:30.0750 0x00ec  RpcSs - ok
00:19:30.0781 0x00ec  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
00:19:30.0828 0x00ec  RSVP - ok
00:19:30.0843 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
00:19:30.0843 0x00ec  SamSs - ok
00:19:30.0890 0x00ec  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
00:19:30.0890 0x00ec  SCardSvr - ok
00:19:30.0937 0x00ec  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
00:19:30.0953 0x00ec  Schedule - ok
00:19:31.0015 0x00ec  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:19:31.0015 0x00ec  Secdrv - ok
00:19:31.0031 0x00ec  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
00:19:31.0031 0x00ec  seclogon - ok
00:19:31.0062 0x00ec  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
00:19:31.0062 0x00ec  SENS - ok
00:19:31.0093 0x00ec  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
00:19:31.0093 0x00ec  Serial - ok
00:19:31.0171 0x00ec  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
00:19:31.0171 0x00ec  Sfloppy - ok
00:19:31.0234 0x00ec  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
00:19:31.0234 0x00ec  SharedAccess - ok
00:19:31.0265 0x00ec  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:19:31.0281 0x00ec  ShellHWDetection - ok
00:19:31.0296 0x00ec  Simbad - ok
00:19:31.0328 0x00ec  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:19:31.0328 0x00ec  SLIP - ok
00:19:31.0359 0x00ec  Sparrow - ok
00:19:31.0406 0x00ec  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
00:19:31.0406 0x00ec  splitter - ok
00:19:31.0453 0x00ec  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
00:19:31.0453 0x00ec  Spooler - ok
00:19:31.0515 0x00ec  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:19:31.0515 0x00ec  SQLBrowser - ok
00:19:31.0546 0x00ec  [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:19:31.0546 0x00ec  SQLWriter - ok
00:19:31.0578 0x00ec  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
00:19:31.0578 0x00ec  sr - ok
00:19:31.0640 0x00ec  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
00:19:31.0656 0x00ec  srservice - ok
00:19:31.0718 0x00ec  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
00:19:31.0765 0x00ec  Srv - ok
00:19:31.0796 0x00ec  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
00:19:31.0796 0x00ec  SSDPSRV - ok
00:19:31.0843 0x00ec  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
00:19:31.0859 0x00ec  stisvc - ok
00:19:31.0890 0x00ec  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:19:31.0921 0x00ec  streamip - ok
00:19:31.0937 0x00ec  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
00:19:31.0937 0x00ec  swenum - ok
00:19:31.0984 0x00ec  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
00:19:31.0984 0x00ec  swmidi - ok
00:19:32.0031 0x00ec  [ E6C797B33A454840245C0C96E7F08B0A, 21E9D936AB6C173DAE197007C95702951FE196EFE0B83B71FED90A0D79128012 ] swmsflt         C:\WINDOWS\System32\drivers\swmsflt.sys
00:19:32.0031 0x00ec  swmsflt - ok
00:19:32.0078 0x00ec  [ 5D3C9F767EADED3E14FA4CE6CF9F7725, 809757FAAF0FC111F1DC936EF7014DCF23042F8F9E579F339E7F86C3589AF536 ] swmx00          C:\WINDOWS\system32\DRIVERS\swmx00.sys
00:19:32.0109 0x00ec  swmx00 - ok
00:19:32.0156 0x00ec  [ E0919389FB29ED5C03B0B664236ABE50, 936C830CD4B094C2A74C0DDBA97DABD9F6868FE096E5367B7B54573CA2DD4709 ] SWNC5E00        C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys
00:19:32.0203 0x00ec  SWNC5E00 - ok
00:19:32.0218 0x00ec  SwPrv - ok
00:19:32.0234 0x00ec  symc810 - ok
00:19:32.0250 0x00ec  symc8xx - ok
00:19:32.0281 0x00ec  sym_hi - ok
00:19:32.0296 0x00ec  sym_u3 - ok
00:19:32.0328 0x00ec  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
00:19:32.0359 0x00ec  sysaudio - ok
00:19:32.0406 0x00ec  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
00:19:32.0406 0x00ec  SysmonLog - ok
00:19:32.0468 0x00ec  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
00:19:32.0468 0x00ec  TapiSrv - ok
00:19:35.0312 0x00ec  ================ Scan global ===============================
00:19:35.0375 0x00ec  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:19:35.0421 0x00ec  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:19:35.0453 0x00ec  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:19:35.0484 0x00ec  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:19:35.0484 0x00ec  [ Global ] - ok
00:19:35.0484 0x00ec  ================ Scan MBR ==================================
00:19:35.0515 0x00ec  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:19:35.0796 0x00ec  \Device\Harddisk0\DR0 - ok
00:19:35.0796 0x00ec  ================ Scan VBR ==================================
00:19:35.0828 0x00ec  [ E7F7B4E83D5887CB19CF9F8FE0A742C7 ] \Device\Harddisk0\DR0\Partition1
00:19:35.0828 0x00ec  \Device\Harddisk0\DR0\Partition1 - ok
00:19:35.0890 0x00ec  [ 2D6588021CB6F71009E2DE3748E29F1B ] \Device\Harddisk0\DR0\Partition2
00:19:35.0890 0x00ec  \Device\Harddisk0\DR0\Partition2 - ok
00:19:35.0921 0x00ec  [ 56BB1EDB8ED7C8038AB8E11E10A7289B ] \Device\Harddisk0\DR0\Partition3
00:19:35.0921 0x00ec  \Device\Harddisk0\DR0\Partition3 - ok
00:19:35.0921 0x00ec  [ 56BB1EDB8ED7C8038AB8E11E10A7289B ] \Device\Harddisk0\DR0\Partition4
00:19:35.0921 0x00ec  \Device\Harddisk0\DR0\Partition4 - ok
00:19:35.0937 0x00ec  ================ Scan active images ========================
00:19:37.0781 0x00ec  C:\WINDOWS\system32\imm32.dll - ok
00:19:37.0812 0x00ec  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
00:19:37.0812 0x00ec  C:\WINDOWS\system32\kbdus.dll - ok
00:19:37.0828 0x00ec  [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
00:19:37.0828 0x00ec  C:\WINDOWS\system32\msgina.dll - ok
00:19:37.0843 0x00ec  [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
00:19:37.0843 0x00ec  C:\WINDOWS\system32\comctl32.dll - ok
00:19:37.0859 0x00ec  [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
00:19:37.0859 0x00ec  C:\WINDOWS\system32\odbc32.dll - ok
00:19:37.0875 0x00ec  [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
00:19:37.0875 0x00ec  C:\WINDOWS\system32\comdlg32.dll - ok
00:19:37.0890 0x00ec  [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
00:19:37.0890 0x00ec  C:\WINDOWS\system32\shell32.dll - ok
00:19:37.0906 0x00ec  [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
00:19:37.0906 0x00ec  C:\WINDOWS\system32\shlwapi.dll - ok
00:19:37.0921 0x00ec  [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
00:19:37.0921 0x00ec  C:\WINDOWS\system32\sxs.dll - ok
00:19:37.0937 0x00ec  [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
00:19:37.0937 0x00ec  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
00:19:37.0937 0x00ec  [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
00:19:37.0937 0x00ec  C:\WINDOWS\system32\odbcint.dll - ok
00:19:37.0968 0x00ec  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
00:19:37.0968 0x00ec  C:\WINDOWS\system32\shsvcs.dll - ok
00:19:37.0984 0x00ec  [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
00:19:37.0984 0x00ec  C:\WINDOWS\system32\sfc.dll - ok
00:19:38.0015 0x00ec  [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
00:19:38.0015 0x00ec  C:\WINDOWS\system32\sfc_os.dll - ok
00:19:38.0015 0x00ec  [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
00:19:38.0015 0x00ec  C:\WINDOWS\system32\ole32.dll - ok
00:19:38.0031 0x00ec  [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
00:19:38.0031 0x00ec  C:\WINDOWS\system32\apphelp.dll - ok
00:19:38.0046 0x00ec  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:19:38.0046 0x00ec  C:\WINDOWS\system32\services.exe - ok
00:19:38.0062 0x00ec  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
00:19:38.0062 0x00ec  C:\WINDOWS\system32\lsass.exe - ok
00:19:38.0078 0x00ec  [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
00:19:38.0078 0x00ec  C:\WINDOWS\system32\ncobjapi.dll - ok
00:19:38.0093 0x00ec  [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
00:19:38.0093 0x00ec  C:\WINDOWS\system32\msvcp60.dll - ok
00:19:38.0109 0x00ec  [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
00:19:38.0109 0x00ec  C:\WINDOWS\system32\lsasrv.dll - ok
00:19:38.0125 0x00ec  [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
00:19:38.0125 0x00ec  C:\WINDOWS\system32\scesrv.dll - ok
00:19:38.0140 0x00ec  [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
00:19:38.0140 0x00ec  C:\WINDOWS\system32\mpr.dll - ok
00:19:38.0156 0x00ec  [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
00:19:38.0156 0x00ec  C:\WINDOWS\system32\umpnpmgr.dll - ok
00:19:38.0187 0x00ec  [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
00:19:38.0187 0x00ec  C:\WINDOWS\system32\ntdsapi.dll - ok
00:19:38.0203 0x00ec  [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
00:19:38.0203 0x00ec  C:\WINDOWS\system32\dnsapi.dll - ok
00:19:38.0218 0x00ec  [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
00:19:38.0218 0x00ec  C:\WINDOWS\system32\shimeng.dll - ok
00:19:38.0234 0x00ec  [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
00:19:38.0234 0x00ec  C:\WINDOWS\AppPatch\acadproc.dll - ok
00:19:38.0250 0x00ec  [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
00:19:38.0250 0x00ec  C:\WINDOWS\system32\wldap32.dll - ok
00:19:38.0265 0x00ec  [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
00:19:38.0265 0x00ec  C:\WINDOWS\system32\samlib.dll - ok
00:19:38.0281 0x00ec  [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
00:19:38.0281 0x00ec  C:\WINDOWS\system32\samsrv.dll - ok
00:19:38.0296 0x00ec  [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
00:19:38.0296 0x00ec  C:\WINDOWS\system32\cryptdll.dll - ok
00:19:38.0312 0x00ec  [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
00:19:38.0312 0x00ec  C:\WINDOWS\AppPatch\acgenral.dll - ok
00:19:38.0328 0x00ec  [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
00:19:38.0328 0x00ec  C:\WINDOWS\system32\oleaut32.dll - ok
00:19:38.0343 0x00ec  [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
00:19:38.0343 0x00ec  C:\WINDOWS\system32\winmm.dll - ok
00:19:38.0359 0x00ec  [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
00:19:38.0359 0x00ec  C:\WINDOWS\system32\msacm32.dll - ok
00:19:38.0375 0x00ec  [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
00:19:38.0375 0x00ec  C:\WINDOWS\system32\uxtheme.dll - ok
00:19:38.0390 0x00ec  [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
00:19:38.0390 0x00ec  C:\WINDOWS\system32\msapsspc.dll - ok
00:19:38.0406 0x00ec  [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
00:19:38.0406 0x00ec  C:\WINDOWS\system32\msvcrt40.dll - ok
00:19:38.0421 0x00ec  [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
00:19:38.0421 0x00ec  C:\WINDOWS\system32\schannel.dll - ok
00:19:38.0437 0x00ec  [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
00:19:38.0437 0x00ec  C:\WINDOWS\system32\digest.dll - ok
00:19:38.0453 0x00ec  [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
00:19:38.0453 0x00ec  C:\WINDOWS\system32\msnsspc.dll - ok
00:19:38.0468 0x00ec  [ 3F790874A85819E94574F3E7AF9C5806, 9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ] C:\WINDOWS\system32\msctfime.ime
00:19:38.0468 0x00ec  C:\WINDOWS\system32\msctfime.ime - ok
00:19:38.0484 0x00ec  [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
00:19:38.0484 0x00ec  C:\WINDOWS\system32\msprivs.dll - ok
00:19:38.0500 0x00ec  [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
00:19:38.0500 0x00ec  C:\WINDOWS\system32\kerberos.dll - ok
00:19:38.0515 0x00ec  [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
00:19:38.0515 0x00ec  C:\WINDOWS\system32\msv1_0.dll - ok
00:19:38.0546 0x00ec  [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
00:19:38.0546 0x00ec  C:\WINDOWS\system32\iphlpapi.dll - ok
00:19:38.0562 0x00ec  [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
00:19:38.0562 0x00ec  C:\WINDOWS\system32\netlogon.dll - ok
00:19:38.0578 0x00ec  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
00:19:38.0578 0x00ec  C:\WINDOWS\system32\w32time.dll - ok
00:19:38.0593 0x00ec  [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
00:19:38.0593 0x00ec  C:\WINDOWS\system32\wdigest.dll - ok
00:19:38.0609 0x00ec  [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
00:19:38.0609 0x00ec  C:\WINDOWS\system32\atmfd.dll - ok
00:19:38.0625 0x00ec  [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
00:19:38.0625 0x00ec  C:\WINDOWS\system32\rsaenh.dll - ok
00:19:38.0640 0x00ec  [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
00:19:38.0640 0x00ec  C:\WINDOWS\system32\winscard.dll - ok
00:19:38.0640 0x00ec  [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
00:19:38.0640 0x00ec  C:\WINDOWS\system32\wtsapi32.dll - ok
00:19:38.0656 0x00ec  [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
00:19:38.0656 0x00ec  C:\WINDOWS\system32\scecli.dll - ok
00:19:38.0671 0x00ec  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
00:19:38.0671 0x00ec  C:\WINDOWS\system32\svchost.exe - ok
00:19:38.0687 0x00ec  [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
00:19:38.0687 0x00ec  C:\WINDOWS\system32\ntmarta.dll - ok
00:19:38.0703 0x00ec  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
00:19:38.0703 0x00ec  C:\WINDOWS\system32\rpcss.dll - ok
00:19:38.0718 0x00ec  [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
00:19:38.0718 0x00ec  C:\WINDOWS\system32\xpsp2res.dll - ok
00:19:38.0734 0x00ec  [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
00:19:38.0734 0x00ec  C:\WINDOWS\system32\eventlog.dll - ok
00:19:38.0765 0x00ec  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
00:19:38.0765 0x00ec  C:\WINDOWS\system32\logonui.exe - ok
00:19:38.0781 0x00ec  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
00:19:38.0781 0x00ec  C:\WINDOWS\system32\mswsock.dll - ok
00:19:38.0796 0x00ec  [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
00:19:38.0796 0x00ec  C:\WINDOWS\system32\hnetcfg.dll - ok
00:19:38.0812 0x00ec  [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
00:19:38.0812 0x00ec  C:\WINDOWS\system32\duser.dll - ok
00:19:38.0828 0x00ec  [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
00:19:38.0828 0x00ec  C:\WINDOWS\system32\msimg32.dll - ok
00:19:38.0843 0x00ec  [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
00:19:38.0843 0x00ec  C:\WINDOWS\system32\wshtcpip.dll - ok
00:19:38.0859 0x00ec  [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
00:19:38.0859 0x00ec  C:\WINDOWS\system32\oleacc.dll - ok
00:19:38.0875 0x00ec  [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
00:19:38.0875 0x00ec  C:\WINDOWS\system32\winrnr.dll - ok
00:19:38.0890 0x00ec  [ 46C55935FA730144449C884A472827E0, B5678D6FE86546FE8F42135ED68C501AAAC8ABF0C504E0CC09ABC2806BEA2FA4 ] C:\WINDOWS\system32\wshbth.dll
00:19:38.0890 0x00ec  C:\WINDOWS\system32\wshbth.dll - ok
00:19:38.0906 0x00ec  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:19:38.0906 0x00ec  C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:19:38.0906 0x00ec  [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
00:19:38.0906 0x00ec  C:\WINDOWS\system32\rasadhlp.dll - ok
00:19:38.0937 0x00ec  [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
00:19:38.0937 0x00ec  C:\WINDOWS\system32\cscdll.dll - ok
00:19:38.0968 0x00ec  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
00:19:38.0968 0x00ec  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
00:19:38.0968 0x00ec  [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
00:19:38.0968 0x00ec  C:\WINDOWS\system32\dimsntfy.dll - ok
00:19:38.0984 0x00ec  [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
00:19:38.0984 0x00ec  C:\WINDOWS\system32\clbcatq.dll - ok
00:19:39.0000 0x00ec  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
00:19:39.0000 0x00ec  C:\WINDOWS\system32\dnsrslvr.dll - ok
00:19:39.0015 0x00ec  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
00:19:39.0015 0x00ec  C:\WINDOWS\system32\dhcpcsvc.dll - ok
00:19:39.0031 0x00ec  [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
00:19:39.0031 0x00ec  C:\WINDOWS\system32\wlnotify.dll - ok
00:19:39.0046 0x00ec  [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
00:19:39.0046 0x00ec  C:\WINDOWS\system32\winspool.drv - ok
00:19:39.0062 0x00ec  [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
00:19:39.0062 0x00ec  C:\WINDOWS\system32\comres.dll - ok
00:19:39.0078 0x00ec  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
00:19:39.0078 0x00ec  C:\WINDOWS\system32\lmhsvc.dll - ok
00:19:39.0093 0x00ec  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
00:19:39.0093 0x00ec  C:\WINDOWS\system32\wzcsvc.dll - ok
00:19:39.0109 0x00ec  [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
00:19:39.0109 0x00ec  C:\WINDOWS\system32\shgina.dll - ok
00:19:39.0140 0x00ec  [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
00:19:39.0140 0x00ec  C:\WINDOWS\system32\rtutils.dll - ok
00:19:39.0156 0x00ec  [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
00:19:39.0156 0x00ec  C:\WINDOWS\system32\wmi.dll - ok
00:19:39.0171 0x00ec  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
00:19:39.0171 0x00ec  C:\WINDOWS\system32\eapolqec.dll - ok
00:19:39.0187 0x00ec  [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
00:19:39.0187 0x00ec  C:\WINDOWS\system32\atl.dll - ok
00:19:39.0203 0x00ec  [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
00:19:39.0203 0x00ec  C:\WINDOWS\system32\qutil.dll - ok
00:19:39.0218 0x00ec  [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
00:19:39.0218 0x00ec  C:\WINDOWS\system32\dot3api.dll - ok
00:19:39.0218 0x00ec  [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
00:19:39.0218 0x00ec  C:\WINDOWS\system32\esent.dll - ok
00:19:39.0234 0x00ec  [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
00:19:39.0234 0x00ec  C:\WINDOWS\system32\rastls.dll - ok
00:19:39.0250 0x00ec  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
00:19:39.0250 0x00ec  C:\WINDOWS\system32\cryptui.dll - ok
00:19:39.0265 0x00ec  [ 9F20FEF7F8B411165174CEC20583462A, 9511FA64CF8D03A69FEACDFBAF53211A5EC7E069C313C875E1962E97D283A0A5 ] C:\WINDOWS\system32\wininet.dll
00:19:39.0265 0x00ec  C:\WINDOWS\system32\wininet.dll - ok
00:19:39.0296 0x00ec  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
00:19:39.0296 0x00ec  C:\WINDOWS\system32\normaliz.dll - ok
00:19:39.0312 0x00ec  [ 94F96C1648D5F8E4375BF64D404C74BB, FE789E83436302DC0C9D0B1D0E9B0F8A546A9BD9693F3EB64C0B4F4159DCE379 ] C:\WINDOWS\system32\iertutil.dll
00:19:39.0312 0x00ec  C:\WINDOWS\system32\iertutil.dll - ok
00:19:39.0328 0x00ec  [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
00:19:39.0328 0x00ec  C:\WINDOWS\system32\mprapi.dll - ok
00:19:39.0343 0x00ec  [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
00:19:39.0343 0x00ec  C:\WINDOWS\system32\activeds.dll - ok
00:19:39.0359 0x00ec  [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
00:19:39.0359 0x00ec  C:\WINDOWS\system32\adsldpc.dll - ok
00:19:39.0375 0x00ec  [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
00:19:39.0375 0x00ec  C:\WINDOWS\system32\rasapi32.dll - ok
00:19:39.0390 0x00ec  [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
00:19:39.0390 0x00ec  C:\WINDOWS\system32\rasman.dll - ok
00:19:39.0406 0x00ec  [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
00:19:39.0406 0x00ec  C:\WINDOWS\system32\tapi32.dll - ok
00:19:39.0421 0x00ec  [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
00:19:39.0421 0x00ec  C:\WINDOWS\system32\riched20.dll - ok
00:19:39.0437 0x00ec  [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
00:19:39.0437 0x00ec  C:\WINDOWS\system32\raschap.dll - ok
00:19:39.0453 0x00ec  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
00:19:39.0453 0x00ec  C:\WINDOWS\system32\wkssvc.dll - ok
00:19:39.0468 0x00ec  [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
00:19:39.0468 0x00ec  C:\WINDOWS\system32\mlang.dll - ok
00:19:39.0484 0x00ec  [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll
00:19:39.0484 0x00ec  C:\WINDOWS\system32\xmlprovi.dll - ok
00:19:39.0515 0x00ec  [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
00:19:39.0515 0x00ec  C:\WINDOWS\system32\wzcsapi.dll - ok
00:19:39.0531 0x00ec  [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
00:19:39.0531 0x00ec  C:\WINDOWS\system32\cscui.dll - ok
00:19:39.0531 0x00ec  [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
00:19:39.0531 0x00ec  C:\WINDOWS\system32\powrprof.dll - ok
00:19:39.0546 0x00ec  [ 2BC7128348265CABA9BBC058729A8B7B, 7032BA75102B52281C343E40E03E313D692A4ACA2396B620F51429F74860A416 ] C:\WINDOWS\system32\dpcdll.dll
00:19:39.0546 0x00ec  C:\WINDOWS\system32\dpcdll.dll - ok
00:19:39.0562 0x00ec  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
00:19:39.0562 0x00ec  C:\WINDOWS\system32\userinit.exe - ok
00:19:39.0578 0x00ec  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
00:19:39.0578 0x00ec  C:\WINDOWS\explorer.exe - ok
00:19:39.0593 0x00ec  [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
00:19:39.0593 0x00ec  C:\WINDOWS\system32\browseui.dll - ok
00:19:39.0609 0x00ec  [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll
00:19:39.0609 0x00ec  C:\WINDOWS\system32\shdocvw.dll - ok
00:19:39.0625 0x00ec  [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll
00:19:39.0625 0x00ec  C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll - ok
00:19:39.0640 0x00ec  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
00:19:39.0640 0x00ec  C:\WINDOWS\system32\dbghelp.dll - ok
00:19:39.0656 0x00ec  [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
00:19:39.0656 0x00ec  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
00:19:39.0687 0x00ec  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
00:19:39.0687 0x00ec  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
00:19:39.0703 0x00ec  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
00:19:39.0703 0x00ec  C:\WINDOWS\system32\desk.cpl - ok
00:19:39.0718 0x00ec  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
00:19:39.0718 0x00ec  C:\WINDOWS\system32\themeui.dll - ok
00:19:39.0734 0x00ec  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
00:19:39.0734 0x00ec  C:\WINDOWS\system32\es.dll - ok
00:19:39.0750 0x00ec  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
00:19:39.0750 0x00ec  C:\WINDOWS\system32\cryptsvc.dll - ok
00:19:39.0765 0x00ec  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
00:19:39.0765 0x00ec  C:\WINDOWS\system32\certcli.dll - ok
00:19:39.0781 0x00ec  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
00:19:39.0781 0x00ec  C:\WINDOWS\system32\dmserver.dll - ok
00:19:39.0781 0x00ec  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
00:19:39.0781 0x00ec  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
00:19:39.0796 0x00ec  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
00:19:39.0796 0x00ec  C:\WINDOWS\system32\netman.dll - ok
00:19:39.0812 0x00ec  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
00:19:39.0812 0x00ec  C:\WINDOWS\system32\netshell.dll - ok
00:19:41.0109 0x00ec  AV detected via SS1: ESET Smart Security 6.0, 6.0, enabled, outofdate
00:19:41.0125 0x00ec  FW detected via SS1: ESET Personal firewall, 6.0.316.0, disabled
00:19:41.0125 0x00ec  Win FW state via NFM: enabled
00:19:41.0578 0x00ec  ============================================================
00:19:41.0578 0x00ec  Scan finished
00:19:41.0578 0x00ec  ============================================================
00:19:41.0593 0x00e4  Detected object count: 0
00:19:41.0593 0x00e4  Actual detected object count: 0
00:20:25.0265 0x0308  ============================================================
00:20:25.0265 0x0308  Scan started
00:20:25.0265 0x0308  Mode: Manual; SigCheck; TDLFS;
00:20:25.0265 0x0308  ============================================================
00:20:25.0265 0x0308  KSN ping started
00:20:28.0265 0x0308  KSN ping finished: true
00:20:28.0859 0x0308  ================ Scan system memory ========================
00:20:28.0859 0x0308  System memory - ok
00:20:28.0859 0x0308  ================ Scan services =============================
00:20:32.0218 0x0308  [ 6D182C31ACF16213407F2768F1107FE3, 92B602152AB9F93A7AC510A01AEF714ED8EE30C9306E3D44BECEE10EC3464184 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
00:20:32.0250 0x0308  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
00:20:32.0250 0x0308  Detect skipped due to KSN trusted
00:20:32.0250 0x0308  Adobe LM Service - ok
00:20:41.0640 0x0308  Fdc - ok
00:20:41.0656 0x0308  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
00:20:41.0765 0x0308  Fips - ok
00:20:41.0781 0x0308  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
00:20:41.0875 0x0308  Flpydisk - ok
00:20:41.0937 0x0308  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
00:20:42.0015 0x0308  FltMgr - ok
00:20:42.0078 0x0308  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:20:42.0093 0x0308  FontCache3.0.0.0 - ok
00:20:42.0109 0x0308  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:20:42.0218 0x0308  Fs_Rec - ok
00:20:42.0234 0x0308  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:20:42.0343 0x0308  Ftdisk - ok
00:20:42.0375 0x0308  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
00:20:42.0390 0x0308  GEARAspiWDM - ok
00:20:42.0421 0x0308  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:20:42.0531 0x0308  Gpc - ok
00:20:42.0578 0x0308  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:20:42.0687 0x0308  HDAudBus - ok
00:20:42.0750 0x0308  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:20:42.0843 0x0308  helpsvc - ok
00:20:42.0875 0x0308  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
00:20:42.0953 0x0308  HidServ - ok
00:20:43.0015 0x0308  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:20:43.0109 0x0308  hidusb - ok
00:20:43.0156 0x0308  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
00:20:43.0265 0x0308  hkmsvc - ok
00:20:43.0265 0x0308  hpn - ok
00:20:43.0328 0x0308  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
00:20:43.0375 0x0308  HTTP - ok
00:20:43.0406 0x0308  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
00:20:43.0515 0x0308  HTTPFilter - ok
00:20:43.0531 0x0308  i2omgmt - ok
00:20:43.0546 0x0308  i2omp - ok
00:20:43.0921 0x0308  [ F1E21FADAE4A4F98D969683AB4EF44C6, C070CEF5C74E25145719694D24FA99B9BA13C31A1017A89A9E3B77A9884E3AFF ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
00:20:44.0296 0x0308  ialm - ok
00:20:44.0484 0x0308  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:20:44.0515 0x0308  idsvc - ok
00:20:44.0593 0x0308  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
00:20:44.0703 0x0308  Imapi - ok
00:20:44.0796 0x0308  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
00:20:44.0937 0x0308  ImapiService - ok
00:20:44.0953 0x0308  ini910u - ok
00:20:45.0281 0x0308  [ 613A2B00DA1D4A80DE1EC8CFB52C0D89, 604C591666569F38B82845448A6893CA06EBE0AC58F810DC6A1E3455C33831E1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
00:20:45.0593 0x0308  IntcAzAudAddService - ok
00:20:45.0609 0x0308  IntelIde - ok
00:20:45.0656 0x0308  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:20:45.0734 0x0308  intelppm - ok
00:20:45.0765 0x0308  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
00:20:45.0859 0x0308  Ip6Fw - ok
00:20:45.0906 0x0308  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:20:46.0015 0x0308  IpFilterDriver - ok
00:20:46.0046 0x0308  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:20:46.0156 0x0308  IpInIp - ok
00:20:46.0203 0x0308  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:20:46.0296 0x0308  IpNat - ok
00:20:46.0390 0x0308  [ E46B17060D3962A384AE484094614788, 9E8EF45C72A01FA586FF028B62F6675114CC9CBBCE172A789EDA754AE3F79121 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:20:46.0421 0x0308  iPod Service - ok
00:20:46.0484 0x0308  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:20:46.0593 0x0308  IPSec - ok
00:20:46.0609 0x0308  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
00:20:46.0734 0x0308  IRENUM - ok
00:20:46.0765 0x0308  [ 7BAEF646E550106B039849B72244A35A, 27CB155D23D8D9CFB3C6A408B9A056A503A0FB18BEE85B9B7A79173D114DF710 ] IRRemoteFlt     C:\WINDOWS\system32\DRIVERS\IRFilter.sys
00:20:46.0796 0x0308  IRRemoteFlt - ok
00:20:46.0828 0x0308  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:20:46.0921 0x0308  isapnp - ok
00:20:46.0953 0x0308  [ EFC804EF56E3AF0430C185D533B648C6, 591C2F5B68783AEE7FECF692629DD44102B164C312EA9FFE3621536AF95426AA ] iSightUpdate    C:\WINDOWS\system32\DRIVERS\iSightUP.sys
00:20:46.0984 0x0308  iSightUpdate - ok
00:20:47.0046 0x0308  [ 4F2143570D2250CA4C4A4C98553C82CD, 39AD6205A402270E349A8213CA3A13FD62E2FD958AB846EE8ACCCBCDB44E98C3 ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
00:20:47.0062 0x0308  JavaQuickStarterService - ok
00:20:47.0078 0x0308  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:20:47.0171 0x0308  Kbdclass - ok
00:20:47.0203 0x0308  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:20:47.0296 0x0308  kbdhid - ok
00:20:47.0328 0x0308  [ 41FFD6CF9745C54FA2310CFEC88EE5ED, 14721FCE42AE3F370169DD46B67B38DCAC57CA9F8F6D31661FFCA97465C924C0 ] KeyAgent        C:\WINDOWS\system32\drivers\KeyAgent.sys
00:20:47.0343 0x0308  KeyAgent - detected UnsignedFile.Multi.Generic ( 1 )
00:20:47.0343 0x0308  Detect skipped due to KSN trusted
00:20:47.0343 0x0308  KeyAgent - ok
00:20:48.0125 0x0308  [ 67817E31ACB988465AAFE7D51888002B, C641E4A8976D6FBB8486E1655A17A96AFCB64DB72896EE05D90F71D314D419E6 ] MacHALDriver    C:\WINDOWS\system32\drivers\MacHALDriver.sys
00:20:48.0140 0x0308  MacHALDriver - detected UnsignedFile.Multi.Generic ( 1 )
00:20:48.0140 0x0308  Detect skipped due to KSN trusted
00:20:48.0140 0x0308  MacHALDriver - ok
00:20:48.0640 0x0308  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
00:20:48.0671 0x0308  MDM - detected UnsignedFile.Multi.Generic ( 1 )
00:20:48.0671 0x0308  Detect skipped due to KSN trusted
00:20:48.0671 0x0308  MDM - ok
00:21:01.0171 0x0308  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
00:21:01.0265 0x0308  splitter - ok
00:21:01.0312 0x0308  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
00:21:01.0343 0x0308  Spooler - ok
00:21:01.0390 0x0308  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:21:01.0406 0x0308  SQLBrowser - ok
00:21:01.0437 0x0308  [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:21:01.0437 0x0308  SQLWriter - ok
00:21:01.0468 0x0308  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
00:21:01.0578 0x0308  sr - ok
00:21:01.0625 0x0308  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
00:21:01.0734 0x0308  srservice - ok
00:21:01.0796 0x0308  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
00:21:01.0890 0x0308  Srv - ok
00:21:01.0921 0x0308  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
00:21:02.0031 0x0308  SSDPSRV - ok
00:21:02.0078 0x0308  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
00:21:02.0203 0x0308  stisvc - ok
00:21:02.0250 0x0308  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:21:02.0343 0x0308  streamip - ok
00:21:02.0375 0x0308  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
00:21:02.0468 0x0308  swenum - ok
00:21:02.0515 0x0308  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
00:21:02.0593 0x0308  swmidi - ok
00:21:02.0640 0x0308  [ E6C797B33A454840245C0C96E7F08B0A, 21E9D936AB6C173DAE197007C95702951FE196EFE0B83B71FED90A0D79128012 ] swmsflt         C:\WINDOWS\System32\drivers\swmsflt.sys
00:21:02.0656 0x0308  swmsflt - ok
00:21:02.0703 0x0308  [ 5D3C9F767EADED3E14FA4CE6CF9F7725, 809757FAAF0FC111F1DC936EF7014DCF23042F8F9E579F339E7F86C3589AF536 ] swmx00          C:\WINDOWS\system32\DRIVERS\swmx00.sys
00:21:02.0703 0x0308  swmx00 - ok
00:21:02.0765 0x0308  [ E0919389FB29ED5C03B0B664236ABE50, 936C830CD4B094C2A74C0DDBA97DABD9F6868FE096E5367B7B54573CA2DD4709 ] SWNC5E00        C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys
00:21:02.0781 0x0308  SWNC5E00 - ok
00:21:02.0781 0x0308  SwPrv - ok
00:21:02.0812 0x0308  symc810 - ok
00:21:02.0828 0x0308  symc8xx - ok
00:21:02.0843 0x0308  sym_hi - ok
00:21:02.0859 0x0308  sym_u3 - ok
00:21:02.0890 0x0308  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
00:21:03.0000 0x0308  sysaudio - ok
00:21:03.0031 0x0308  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
00:21:03.0140 0x0308  SysmonLog - ok
00:21:03.0203 0x0308  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
00:21:03.0312 0x0308  TapiSrv - ok
00:21:03.0375 0x0308  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:21:03.0406 0x0308  Tcpip - ok
00:21:03.0437 0x0308  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
00:21:03.0531 0x0308  TDPIPE - ok
00:21:03.0578 0x0308  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
00:21:03.0671 0x0308  TDTCP - ok
00:21:03.0734 0x0308  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
00:21:03.0828 0x0308  TermDD - ok
00:21:03.0890 0x0308  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
00:21:04.0000 0x0308  TermService - ok
00:21:04.0031 0x0308  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
00:21:04.0046 0x0308  Themes - ok
00:21:04.0093 0x0308  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
00:21:04.0187 0x0308  TlntSvr - ok
00:21:04.0203 0x0308  TosIde - ok
00:21:04.0250 0x0308  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
00:21:04.0343 0x0308  TrkWks - ok
00:21:04.0359 0x0308  TrueSight - ok
00:21:04.0421 0x0308  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
00:21:04.0515 0x0308  Udfs - ok
00:21:04.0531 0x0308  ultra - ok
00:21:04.0609 0x0308  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
00:21:04.0718 0x0308  Update - ok
00:21:04.0765 0x0308  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
00:21:04.0875 0x0308  upnphost - ok
00:21:04.0906 0x0308  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
00:21:05.0000 0x0308  UPS - ok
00:21:05.0062 0x0308  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
00:21:05.0125 0x0308  USBAAPL - ok
00:21:05.0156 0x0308  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
00:21:05.0234 0x0308  usbaudio - ok
00:21:05.0281 0x0308  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:21:05.0312 0x0308  usbccgp - ok
00:21:05.0328 0x0308  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:21:05.0343 0x0308  usbehci - ok
00:21:05.0390 0x0308  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:21:05.0500 0x0308  usbhub - ok
00:21:05.0546 0x0308  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:21:05.0609 0x0308  usbscan - ok
00:21:05.0656 0x0308  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:21:05.0750 0x0308  USBSTOR - ok
00:21:05.0796 0x0308  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:21:05.0890 0x0308  usbuhci - ok
00:21:05.0937 0x0308  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
00:21:05.0953 0x0308  usbvideo - ok
00:21:06.0000 0x0308  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
00:21:06.0093 0x0308  VgaSave - ok
00:21:06.0093 0x0308  ViaIde - ok
00:21:06.0156 0x0308  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
00:21:06.0265 0x0308  VolSnap - ok
00:21:06.0312 0x0308  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
00:21:06.0421 0x0308  VSS - ok
00:21:06.0453 0x0308  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
00:21:06.0562 0x0308  W32Time - ok
00:21:06.0609 0x0308  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:21:06.0703 0x0308  Wanarp - ok
00:21:06.0781 0x0308  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:21:06.0812 0x0308  Wdf01000 - ok
00:21:06.0828 0x0308  WDICA - ok
00:21:06.0875 0x0308  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
00:21:07.0000 0x0308  wdmaud - ok
00:21:07.0031 0x0308  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
00:21:07.0140 0x0308  WebClient - ok
00:21:07.0218 0x0308  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
00:21:07.0312 0x0308  winmgmt - ok
00:21:07.0375 0x0308  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
00:21:07.0468 0x0308  WmdmPmSN - ok
00:21:07.0531 0x0308  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
00:21:07.0609 0x0308  Wmi - ok
00:21:07.0687 0x0308  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:21:07.0796 0x0308  WmiApSrv - ok
00:21:08.0015 0x0308  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:21:08.0062 0x0308  WPFFontCache_v0400 - ok
00:21:08.0109 0x0308  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:21:08.0218 0x0308  WS2IFSL - ok
00:21:08.0265 0x0308  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
00:21:08.0359 0x0308  wscsvc - ok
00:21:08.0406 0x0308  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:21:08.0500 0x0308  WSTCODEC - ok
00:21:08.0531 0x0308  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
00:21:08.0625 0x0308  wuauserv - ok
00:21:08.0703 0x0308  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
00:21:08.0812 0x0308  WZCSVC - ok
00:21:08.0843 0x0308  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
00:21:08.0937 0x0308  xmlprov - ok
00:21:08.0984 0x0308  [ F20FC720F74A2533D70CEA1F4458F3C8, 67CFF8B09200194A36BE86FE5D95880C262354A6E7A97DA0DE1E17DB89064A43 ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys
00:21:09.0031 0x0308  yukonwxp - ok
00:21:09.0093 0x0308  ================ Scan global ===============================
00:21:09.0125 0x0308  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:21:09.0171 0x0308  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:21:09.0203 0x0308  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:21:09.0234 0x0308  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:21:09.0234 0x0308  [ Global ] - ok
00:21:09.0234 0x0308  ================ Scan MBR ==================================
00:21:09.0265 0x0308  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:21:09.0515 0x0308  \Device\Harddisk0\DR0 - ok
00:21:09.0531 0x0308  ================ Scan VBR ==================================
00:21:09.0531 0x0308  [ E7F7B4E83D5887CB19CF9F8FE0A742C7 ] \Device\Harddisk0\DR0\Partition1
00:21:09.0531 0x0308  \Device\Harddisk0\DR0\Partition1 - ok
00:21:09.0546 0x0308  [ 2D6588021CB6F71009E2DE3748E29F1B ] \Device\Harddisk0\DR0\Partition2
00:21:09.0546 0x0308  \Device\Harddisk0\DR0\Partition2 - ok
00:21:09.0562 0x0308  [ 56BB1EDB8ED7C8038AB8E11E10A7289B ] \Device\Harddisk0\DR0\Partition3
00:21:09.0562 0x0308  \Device\Harddisk0\DR0\Partition3 - ok
00:21:09.0578 0x0308  [ 56BB1EDB8ED7C8038AB8E11E10A7289B ] \Device\Harddisk0\DR0\Partition4
00:21:09.0578 0x0308  \Device\Harddisk0\DR0\Partition4 - ok
00:21:09.0578 0x0308  ================ Scan active images ========================
00:21:09.0593 0x0308  [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
00:21:09.0593 0x0308  C:\WINDOWS\system32\drivers\usbport.sys - ok
00:21:09.0625 0x0308  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
00:21:09.0625 0x0308  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
00:21:09.0640 0x0308  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
00:21:09.0640 0x0308  C:\WINDOWS\system32\drivers\usbehci.sys - ok
00:21:09.0656 0x0308  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
00:21:09.0656 0x0308  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
00:21:09.0671 0x0308  [ E9EA635B8432D68F0005B3F6CEBAB837, 62E9C7AE02836457EB50C816B6BCB671F2918FD5A451415257077A4CC99CA2AB ] C:\WINDOWS\system32\drivers\BCMWL5.SYS
00:21:09.0671 0x0308  C:\WINDOWS\system32\drivers\BCMWL5.SYS - ok
00:21:09.0687 0x0308  [ F20FC720F74A2533D70CEA1F4458F3C8, 67CFF8B09200194A36BE86FE5D95880C262354A6E7A97DA0DE1E17DB89064A43 ] C:\WINDOWS\system32\drivers\yk51x86.sys
00:21:09.0687 0x0308  C:\WINDOWS\system32\drivers\yk51x86.sys - ok
00:21:09.0703 0x0308  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
00:21:09.0703 0x0308  C:\WINDOWS\system32\drivers\imapi.sys - ok
00:21:09.0718 0x0308  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
00:21:09.0718 0x0308  C:\WINDOWS\system32\drivers\cdrom.sys - ok
00:21:09.0734 0x0308  [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
00:21:09.0734 0x0308  C:\WINDOWS\system32\drivers\ks.sys - ok
00:21:09.0750 0x0308  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
00:21:09.0750 0x0308  C:\WINDOWS\system32\drivers\redbook.sys - ok
00:21:09.0765 0x0308  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
00:21:09.0765 0x0308  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
00:21:09.0781 0x0308  [ 03C6C226BC364D23682A8A5AE136F038, 824BA2F956853556958E26D56B5F54AD5FAC9C7E638AA4BF2502D2E7B5EA171D ] C:\WINDOWS\system32\drivers\epfwndis.sys
00:21:09.0781 0x0308  C:\WINDOWS\system32\drivers\epfwndis.sys - ok
00:21:09.0812 0x0308  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
00:21:09.0812 0x0308  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
00:21:09.0828 0x0308  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
00:21:09.0828 0x0308  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
00:21:09.0843 0x0308  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
00:21:09.0843 0x0308  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
00:21:09.0859 0x0308  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
00:21:09.0859 0x0308  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
00:21:09.0859 0x0308  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
00:21:09.0859 0x0308  C:\WINDOWS\system32\drivers\raspptp.sys - ok
00:21:09.0875 0x0308  [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
00:21:09.0875 0x0308  C:\WINDOWS\system32\drivers\tdi.sys - ok
00:21:09.0890 0x0308  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
00:21:09.0890 0x0308  C:\WINDOWS\system32\drivers\msgpc.sys - ok
00:21:09.0906 0x0308  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
00:21:09.0906 0x0308  C:\WINDOWS\system32\drivers\psched.sys - ok
00:21:09.0921 0x0308  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
00:21:09.0921 0x0308  C:\WINDOWS\system32\drivers\ptilink.sys - ok
00:21:09.0937 0x0308  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
00:21:09.0937 0x0308  C:\WINDOWS\system32\drivers\raspti.sys - ok
00:21:09.0968 0x0308  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
00:21:09.0968 0x0308  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
00:21:09.0984 0x0308  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
00:21:09.0984 0x0308  C:\WINDOWS\system32\drivers\termdd.sys - ok
00:21:10.0000 0x0308  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
00:21:10.0000 0x0308  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
00:21:10.0015 0x0308  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
00:21:10.0015 0x0308  C:\WINDOWS\system32\drivers\mouclass.sys - ok
00:21:10.0031 0x0308  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
00:21:10.0031 0x0308  C:\WINDOWS\system32\drivers\swenum.sys - ok
00:21:10.0046 0x0308  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
00:21:10.0046 0x0308  C:\WINDOWS\system32\drivers\update.sys - ok
00:21:10.0062 0x0308  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
00:21:10.0062 0x0308  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
00:21:10.0078 0x0308  [ 0973C0C696780161F4526586D5EAC422, ED0DFB4EACA6A8E9CF92B217FD362F2665535B340C071E9CD7A47EFB8150C50C ] C:\WINDOWS\system32\drivers\NWADIenum.sys
00:21:10.0078 0x0308  C:\WINDOWS\system32\drivers\NWADIenum.sys - ok
00:21:10.0093 0x0308  [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
00:21:10.0093 0x0308  C:\WINDOWS\system32\drivers\usbd.sys - ok
00:21:10.0109 0x0308  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
00:21:10.0109 0x0308  C:\WINDOWS\system32\drivers\usbhub.sys - ok
00:21:10.0109 0x0308  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys
00:21:10.0109 0x0308  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
00:21:10.0140 0x0308  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys
00:21:10.0140 0x0308  C:\WINDOWS\system32\drivers\fdc.sys - ok
00:21:10.0156 0x0308  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys
00:21:10.0156 0x0308  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
00:21:10.0187 0x0308  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
00:21:10.0187 0x0308  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
00:21:10.0187 0x0308  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
00:21:10.0203 0x0308  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
00:21:10.0203 0x0308  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
00:21:10.0203 0x0308  C:\WINDOWS\system32\drivers\beep.sys - ok
00:21:10.0218 0x0308  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
00:21:10.0218 0x0308  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
00:21:10.0234 0x0308  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
00:21:10.0234 0x0308  C:\WINDOWS\system32\drivers\null.sys - ok
00:21:10.0250 0x0308  [ 366369746D1818FDD8589D1F2C8A6D03, 3EF30C36DEAB79C2E971CA189BDEBAC2491956D3C834E0D1ECCACBD23717B128 ] C:\WINDOWS\system32\drivers\ehdrv.sys
00:21:10.0250 0x0308  C:\WINDOWS\system32\drivers\ehdrv.sys - ok
00:21:10.0265 0x0308  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
00:21:10.0265 0x0308  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
00:21:10.0281 0x0308  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
00:21:10.0281 0x0308  C:\WINDOWS\system32\drivers\vga.sys - ok
00:21:10.0296 0x0308  [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
00:21:10.0296 0x0308  C:\WINDOWS\system32\drivers\videoprt.sys - ok
00:21:10.0312 0x0308  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
00:21:10.0312 0x0308  C:\WINDOWS\system32\drivers\msfs.sys - ok
00:21:10.0328 0x0308  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
00:21:10.0328 0x0308  C:\WINDOWS\system32\drivers\npfs.sys - ok
00:21:10.0359 0x0308  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
00:21:10.0359 0x0308  C:\WINDOWS\system32\drivers\rasacd.sys - ok
00:21:10.0375 0x0308  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
00:21:10.0375 0x0308  C:\WINDOWS\system32\drivers\ipsec.sys - ok
00:21:10.0390 0x0308  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys
00:21:10.0390 0x0308  C:\WINDOWS\system32\drivers\tcpip.sys - ok
00:21:10.0406 0x0308  [ FEDBE43C34EF0D4CB249C22964B0E17D, 79844F1953F7593AAFA0D166DA97B69F6F6B63AA4C48265B15944FBF17B15603 ] C:\WINDOWS\system32\drivers\epfwtdi.sys
00:21:10.0406 0x0308  C:\WINDOWS\system32\drivers\epfwtdi.sys - ok
00:21:10.0421 0x0308  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
00:21:10.0421 0x0308  C:\WINDOWS\system32\drivers\ipnat.sys - ok
00:21:10.0437 0x0308  [ 8787E193FCEB88F12CE2B1A0BBC3F64E, 7A66D6E850F6ECF068EEF56333271A585096CED6F02E54083E0FE96012565D7B ] C:\WINDOWS\system32\drivers\BthKicker.sys
00:21:10.0437 0x0308  C:\WINDOWS\system32\drivers\BthKicker.sys - ok
00:21:10.0453 0x0308  [ 6AA8BB224B30A20A5D07A2734568D6D7, 40C28C9C0B1FC26D450008C7109E3ADCB468953E27670DF133824F9969AD1DE9 ] C:\WINDOWS\system32\drivers\wdfldr.sys
00:21:10.0453 0x0308  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
00:21:10.0453 0x0308  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
00:21:10.0453 0x0308  C:\WINDOWS\system32\drivers\netbt.sys - ok
00:21:10.0468 0x0308  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] C:\WINDOWS\system32\drivers\wdf01000.sys
00:21:10.0468 0x0308  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
00:21:10.0484 0x0308  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
00:21:10.0484 0x0308  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
00:21:10.0500 0x0308  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys
00:21:10.0500 0x0308  C:\WINDOWS\system32\drivers\afd.sys - ok
00:21:10.0531 0x0308  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
00:21:13.0218 0x0308  C:\WINDOWS\system32\dpcdll.dll - ok
00:21:13.0234 0x0308  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
00:21:13.0234 0x0308  C:\WINDOWS\system32\userinit.exe - ok
00:21:13.0250 0x0308  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
00:21:13.0250 0x0308  C:\WINDOWS\explorer.exe - ok
00:21:13.0250 0x0308  [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
00:21:13.0250 0x0308  C:\WINDOWS\system32\browseui.dll - ok
00:21:13.0265 0x0308  [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll
00:21:13.0265 0x0308  C:\WINDOWS\system32\shdocvw.dll - ok
00:21:13.0296 0x0308  [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll
00:21:13.0296 0x0308  C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll - ok
00:21:13.0312 0x0308  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
00:21:13.0312 0x0308  C:\WINDOWS\system32\dbghelp.dll - ok
00:21:13.0328 0x0308  [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
00:21:13.0328 0x0308  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
00:21:13.0343 0x0308  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
00:21:13.0343 0x0308  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
00:21:13.0359 0x0308  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
00:21:13.0359 0x0308  C:\WINDOWS\system32\desk.cpl - ok
00:21:13.0375 0x0308  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
00:21:13.0375 0x0308  C:\WINDOWS\system32\themeui.dll - ok
00:21:13.0390 0x0308  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
00:21:13.0390 0x0308  C:\WINDOWS\system32\es.dll - ok
00:21:13.0406 0x0308  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
00:21:13.0406 0x0308  C:\WINDOWS\system32\cryptsvc.dll - ok
00:21:13.0421 0x0308  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
00:21:13.0421 0x0308  C:\WINDOWS\system32\certcli.dll - ok
00:21:13.0437 0x0308  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
00:21:13.0437 0x0308  C:\WINDOWS\system32\dmserver.dll - ok
00:21:13.0453 0x0308  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
00:21:13.0453 0x0308  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
00:21:13.0484 0x0308  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
00:21:13.0484 0x0308  C:\WINDOWS\system32\netman.dll - ok
00:21:13.0500 0x0308  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
00:21:13.0500 0x0308  C:\WINDOWS\system32\netshell.dll - ok
00:21:13.0500 0x0308  [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
00:21:13.0500 0x0308  C:\WINDOWS\system32\credui.dll - ok
00:21:13.0515 0x0308  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
00:21:13.0515 0x0308  C:\WINDOWS\system32\dot3dlg.dll - ok
00:21:13.0531 0x0308  [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
00:21:13.0531 0x0308  C:\WINDOWS\system32\onex.dll - ok
00:21:13.0546 0x0308  [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
00:21:13.0546 0x0308  C:\WINDOWS\system32\eappcfg.dll - ok
00:21:13.0562 0x0308  [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
00:21:13.0562 0x0308  C:\WINDOWS\system32\eappprxy.dll - ok
00:21:13.0578 0x0308  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
00:21:13.0578 0x0308  C:\WINDOWS\system32\srsvc.dll - ok
00:21:13.0593 0x0308  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
00:21:13.0593 0x0308  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
00:21:13.0609 0x0308  [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
00:21:13.0609 0x0308  C:\WINDOWS\system32\vssapi.dll - ok
00:21:13.0625 0x0308  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
00:21:13.0625 0x0308  C:\WINDOWS\system32\ipnathlp.dll - ok
00:21:13.0640 0x0308  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll
00:21:13.0640 0x0308  C:\WINDOWS\system32\termsrv.dll - ok
00:21:13.0671 0x0308  [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
00:21:13.0671 0x0308  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
00:21:13.0687 0x0308  [ E16B687057603A249DA9271E9727CDB0, 0537DF45574FB17A1B8AD2AF0D571A9622B5A0A4D631F98ED115988FF075189E ] C:\WINDOWS\system32\ieframe.dll
00:21:13.0687 0x0308  C:\WINDOWS\system32\ieframe.dll - ok
00:21:13.0703 0x0308  [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
00:21:13.0703 0x0308  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
00:21:13.0718 0x0308  [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll
00:21:13.0718 0x0308  C:\WINDOWS\system32\icaapi.dll - ok
00:21:13.0734 0x0308  [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll
00:21:13.0734 0x0308  C:\WINDOWS\system32\mstlsapi.dll - ok
00:21:13.0750 0x0308  [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
00:21:13.0750 0x0308  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
00:21:13.0765 0x0308  [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
00:21:13.0765 0x0308  C:\WINDOWS\system32\wbem\esscli.dll - ok
00:21:13.0781 0x0308  [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
00:21:13.0781 0x0308  C:\WINDOWS\system32\wbem\fastprox.dll - ok
00:21:13.0796 0x0308  [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
00:21:13.0796 0x0308  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
00:21:13.0812 0x0308  [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
00:21:13.0812 0x0308  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
00:21:13.0828 0x0308  [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
00:21:13.0828 0x0308  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
00:21:13.0859 0x0308  [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
00:21:13.0859 0x0308  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
00:21:13.0875 0x0308  [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
00:21:13.0875 0x0308  C:\WINDOWS\system32\wbem\wbemess.dll - ok
00:21:13.0890 0x0308  [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
00:21:13.0890 0x0308  C:\WINDOWS\system32\netcfgx.dll - ok
00:21:13.0906 0x0308  [ B27AC9DB372E7BA30CA01A95573DD002, 054E7B67D656B7E3208630F39176AF96D7E952EE00E65CD7D1F83BEB337AE548 ] C:\PROGRA~1\WINDOW~2\wmpband.dll
00:21:13.0906 0x0308  C:\PROGRA~1\WINDOW~2\wmpband.dll - ok
00:21:13.0921 0x0308  [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
00:21:13.0921 0x0308  C:\WINDOWS\system32\clusapi.dll - ok
00:21:13.0937 0x0308  [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
00:21:13.0937 0x0308  C:\WINDOWS\system32\linkinfo.dll - ok
00:21:13.0953 0x0308  [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
00:21:13.0953 0x0308  C:\WINDOWS\system32\ntshrui.dll - ok
00:21:13.0968 0x0308  [ EDFA163FDBD7051CD9148410E4B56AF0, 8DB4A369F42FF3701E02DE3B3BA182E81B4690D6B95AA2C7281B43CCFBF9C242 ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
00:21:13.0968 0x0308  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
00:21:13.0968 0x0308  [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\WINDOWS\system32\msvcp100.dll
00:21:13.0984 0x0308  C:\WINDOWS\system32\msvcp100.dll - ok
00:21:13.0984 0x0308  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll
00:21:13.0984 0x0308  C:\WINDOWS\system32\msvcr100.dll - ok
00:21:14.0000 0x0308  [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe
00:21:14.0000 0x0308  C:\WINDOWS\system32\verclsid.exe - ok
00:21:14.0031 0x0308  [ EA87F150E722E4AB866AD0A13382FA02, D28BE0D1210D9DFEBF313A93227DDF5BFFE6B6EE9980FAD238503CA135FBDA10 ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
00:21:14.0031 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
00:21:14.0046 0x0308  [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
00:21:14.0046 0x0308  C:\WINDOWS\system32\upnp.dll - ok
00:21:14.0062 0x0308  [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
00:21:14.0062 0x0308  C:\WINDOWS\system32\winhttp.dll - ok
00:21:14.0078 0x0308  [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
00:21:14.0078 0x0308  C:\WINDOWS\system32\ssdpapi.dll - ok
00:21:14.0093 0x0308  [ 8C22083ED515DC94D575438662F0BE6A, 67DC2A393AE31764C090BE2AEFAD3E20220538152157BAEBF366112166FEAB23 ] C:\WINDOWS\system32\msi.dll
00:21:14.0093 0x0308  C:\WINDOWS\system32\msi.dll - ok
00:21:14.0109 0x0308  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
00:21:14.0109 0x0308  C:\WINDOWS\system32\rasmans.dll - ok
00:21:14.0125 0x0308  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
00:21:14.0125 0x0308  C:\WINDOWS\system32\sens.dll - ok
00:21:14.0140 0x0308  [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
00:21:14.0140 0x0308  C:\WINDOWS\system32\winipsec.dll - ok
00:21:14.0156 0x0308  [ E083ADCF3E6233473C122B9AA5ADBAA0, 812053B4EB9C5D62C600E82DAFD882D6B71422EF498EBCD789CFC4E5954B860D ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll
00:21:14.0156 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll - ok
00:21:14.0171 0x0308  [ C0D4312262C7B1A46AADB8418B85D8FA, 7614A88F0C811E6D78D8B481D64DA986A7E1CE786CC1BEC02968303EEEB8103B ] C:\WINDOWS\system32\urlmon.dll
00:21:14.0171 0x0308  C:\WINDOWS\system32\urlmon.dll - ok
00:21:14.0187 0x0308  [ EC0FDA23B893786CF3F9734CAE2DDC74, B60B66E237CF8FF4638AF5CB6B68DD791C39D2B14D74B239ACE8F08D318CD677 ] C:\Program Files\Adobe\Reader 11.0\Reader\AGM.dll
00:21:14.0187 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\AGM.dll - ok
00:21:14.0218 0x0308  [ F2C994E692EEAA2EAA49FECCB656F0E1, F3B48B1EFDCB45782E9D17063DDA458838E17F089ABB9FC1241AC22FF1DFDCFF ] C:\Program Files\Adobe\Reader 11.0\Reader\CoolType.dll
00:21:14.0218 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\CoolType.dll - ok
00:21:14.0234 0x0308  [ 57ED2EDE89BD9D8FE1475DDDC701AAF0, 1C155D0F68E830E12345B1B7A1861940626F7630040932D19D76176B13D5A674 ] C:\Program Files\Adobe\Reader 11.0\Reader\BIB.dll
00:21:14.0234 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\BIB.dll - ok
00:21:14.0250 0x0308  [ 8D7360835BBF21D8FD2AEEF7E046871C, 08C37DE7DC9C3CF1197D54041CB87D872495EDCCADA88F7B06166807CC04D7C5 ] C:\Program Files\Adobe\Reader 11.0\Reader\ACE.dll
00:21:14.0250 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\ACE.dll - ok
00:21:14.0250 0x0308  [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
00:21:14.0250 0x0308  C:\WINDOWS\system32\drprov.dll - ok
00:21:14.0265 0x0308  [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
00:21:14.0265 0x0308  C:\WINDOWS\system32\ntlanman.dll - ok
00:21:14.0281 0x0308  [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
00:21:14.0281 0x0308  C:\WINDOWS\system32\netui0.dll - ok
00:21:14.0296 0x0308  [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
00:21:14.0296 0x0308  C:\WINDOWS\system32\netui1.dll - ok
00:21:14.0312 0x0308  [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
00:21:14.0312 0x0308  C:\WINDOWS\system32\netrap.dll - ok
00:21:14.0328 0x0308  [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
00:21:14.0328 0x0308  C:\WINDOWS\system32\davclnt.dll - ok
00:21:14.0343 0x0308  [ 92B5CD64AD69DC9DAEEFBA22292A7D70, E02B8AAB900F3C58BC7F489C0C2DCCDC93CB6663A9CD0849C26954578F332CB4 ] C:\Program Files\Adobe\Reader 11.0\Reader\AdobeXMP.dll
00:21:14.0343 0x0308  C:\Program Files\Adobe\Reader 11.0\Reader\AdobeXMP.dll - ok
00:21:14.0359 0x0308  [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
00:21:14.0359 0x0308  C:\WINDOWS\system32\wbem\ncprov.dll - ok
00:21:14.0390 0x0308  [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
00:21:14.0390 0x0308  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
00:21:14.0406 0x0308  [ F3370C98F4981EDA6036689D298E67B9, E003ACCF1FEB1DF3C01BA494CC21449990249424967BFD5509949FA1D8A1E072 ] C:\WINDOWS\system32\browselc.dll
00:21:14.0406 0x0308  C:\WINDOWS\system32\browselc.dll - ok
00:21:14.0421 0x0308  [ 5D999BF519415D1C8EE0B97FF6A254DB, 7E928AEF934288404342CDDD4B7761D35BC5F70662CFC7100066E9115AC60212 ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
00:21:14.0421 0x0308  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
00:21:14.0437 0x0308  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
00:21:14.0437 0x0308  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
00:21:14.0453 0x0308  [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
00:21:14.0453 0x0308  C:\WINDOWS\system32\cryptnet.dll - ok
00:21:14.0468 0x0308  [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
00:21:14.0468 0x0308  C:\WINDOWS\system32\sensapi.dll - ok
00:21:14.0484 0x0308  [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
00:21:14.0484 0x0308  C:\WINDOWS\system32\cabinet.dll - ok
00:21:14.0500 0x0308  [ 4D34E18A2F895ACB4903A299E922314B, 7289CAF00F0D39A5F0DE812A7197F6B1D2B88DDC171D0E33336523F9E128BF46 ] C:\Documents and Settings\Andre Stone\My Documents\Downloads\tdsskiller.exe
00:21:14.0500 0x0308  C:\Documents and Settings\Andre Stone\My Documents\Downloads\tdsskiller.exe - ok
00:21:14.0515 0x0308  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{4E7D4685-0A2C-4BAA-8AB9-25C5466E4ECC}.tmp
00:21:14.0515 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{4E7D4685-0A2C-4BAA-8AB9-25C5466E4ECC}.tmp - ok
00:21:14.0531 0x0308  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{D253B0A9-876B-41AD-A5DA-A841D062673D}.tmp
00:21:14.0531 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{D253B0A9-876B-41AD-A5DA-A841D062673D}.tmp - ok
00:21:14.0546 0x0308  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{FFD76022-8E4B-437D-9E4E-C3D6072D73AF}.tmp
00:21:14.0546 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{FFD76022-8E4B-437D-9E4E-C3D6072D73AF}.tmp - ok
00:21:14.0562 0x0308  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{CE87B97E-EC1D-462D-8966-DBED87EB7579}.tmp
00:21:14.0562 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{CE87B97E-EC1D-462D-8966-DBED87EB7579}.tmp - ok
00:21:14.0593 0x0308  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{63B0B5D4-6A42-41F3-81B7-F5A47F64F896}.tmp
00:21:14.0593 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{63B0B5D4-6A42-41F3-81B7-F5A47F64F896}.tmp - ok
00:21:14.0609 0x0308  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{0783EB71-2A6A-4DE1-8F12-65A29D6ED372}.tmp
00:21:14.0609 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{0783EB71-2A6A-4DE1-8F12-65A29D6ED372}.tmp - ok
00:21:14.0625 0x0308  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{F2E9F975-5DFB-4118-8C82-8DD2FF49A04E}.tmp
00:21:14.0625 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{F2E9F975-5DFB-4118-8C82-8DD2FF49A04E}.tmp - ok
00:21:14.0640 0x0308  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{3210DE73-6EF4-4548-84AE-C6FA2921539A}.tmp
00:21:14.0640 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{3210DE73-6EF4-4548-84AE-C6FA2921539A}.tmp - ok
00:21:14.0656 0x0308  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{1D1D3A00-869E-489A-8E86-267020803AA3}.tmp
00:21:14.0656 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{1D1D3A00-869E-489A-8E86-267020803AA3}.tmp - ok
00:21:14.0656 0x0308  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{EE6CE821-DFDD-4A1B-8263-65FDAB301742}.tmp
00:21:14.0656 0x0308  C:\DOCUME~1\ANDRES~1\LOCALS~1\temp\{7B0B3258-94E5-4003-9DA3-D182820E56A8}\{EE6CE821-DFDD-4A1B-8263-65FDAB301742}.tmp - ok
00:21:14.0687 0x0308  AV detected via SS1: ESET Smart Security 6.0, 6.0, enabled, outofdate
00:21:14.0687 0x0308  FW detected via SS1: ESET Personal firewall, 6.0.316.0, disabled
00:21:14.0687 0x0308  Win FW state via NFM: enabled
00:21:15.0203 0x0308  ============================================================
00:21:15.0203 0x0308  Scan finished
00:21:15.0203 0x0308  ============================================================
00:21:15.0218 0x070c  Detected object count: 0
00:21:15.0218 0x070c  Actual detected object count: 0
 



#39
Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts
Hi unique. Your FRST log is clean. Now we just remove the malware folder. Also I'd like to take a peek at a couple folders. Then we run another OTL scan to make sure nothing new has popped up. Make sure to grab the contents of step 2 before you run step 3. Please do the following:

Step 1

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

     
    :Commands
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]

    :OTL
    [2014/05/19 00:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2992199F9A

     

     
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Then post the produced log (it will be in C:\_OTL\MovedFiles with a filename beginning with the date)

Step 2

 

  • Double click on the OTL icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the None button.
  • Paste this into the Custom Scans/Fixes section:
     
    C:\Documents and Settings\All Users\Application Data\10680154\*.* /s
    C:\Documents and Settings\All Users\Application Data\90690146\*.* /s

     

     
  • Click the Run Scan button. The scan won't take long.
  • When the scan completes, it will open a notepad window - OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it in your topic

 

 


Step 3

  • Double click OTL to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Select the Scan All Users box in the middle on the top of the window
  • Under the Custom Scans/Fixes box paste this in:

     
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    WSHELPER.*
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    rpcss.dll
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    dir C:\ /S /A:L /C
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT

     

     
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it in your topic.

Things to see in your next post:
OTL fix log
OTL scan log
OTL second quick scan


#40
unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 2161653 bytes
->Temporary Internet Files folder emptied: 33175 bytes
->FireFox cache emptied: 20441812 bytes
->Flash cache emptied: 602 bytes
 
User: All Users
 
User: Andre Stone
->Temp folder emptied: 297136780 bytes
->Temporary Internet Files folder emptied: 362102306 bytes
->Java cache emptied: 42568247 bytes
->FireFox cache emptied: 401255907 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2001263 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57311 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 68840915 bytes
 
User: NetworkService
->Temp folder emptied: 278528 bytes
->Temporary Internet Files folder emptied: 249390666 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 261681572 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 620713826 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34628 bytes
RecycleBin emptied: 80338056 bytes
 
Total Files Cleaned = 2,297.00 mb
 
Unable to start System Restore Service. Error code 10
========== OTL ==========
C:\Documents and Settings\All Users\Application Data\2992199F9A folder moved successfully.
 
OTL by OldTimer - Version 3.2.69.0 log created on 05232014_000433
 


#41
unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

OTL logfile created on: 5/23/2014 12:15:51 AM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Andre Stone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.97 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 85.40% Memory free
3.82 Gb Paging File | 3.74 Gb Available in Paging File | 97.84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31.69 Gb Total Space | 4.24 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
 
Computer Name: ANDRESTONE | User Name: Andre Stone | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Custom Scans ==========
 
< C:\Documents and Settings\All Users\Application Data\10680154\*.* /s >
 
< C:\Documents and Settings\All Users\Application Data\90690146\*.* /s >

< End of report >
 



#42
unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

OTL logfile created on: 5/23/2014 12:24:43 AM - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Andre Stone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.97 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 83.60% Memory free
3.82 Gb Paging File | 3.71 Gb Available in Paging File | 97.16% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31.69 Gb Total Space | 4.24 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
 
Computer Name: ANDRESTONE | User Name: Andre Stone | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/20 23:26:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\desktop\OTL.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2014/05/10 02:39:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/08/21 10:57:50 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2013/02/05 08:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/11/15 01:40:46 | 000,136,504 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2009/11/15 01:40:46 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\AppleTimeSrv.exe -- (AppleTimeSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\TrueSight.sys -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pctnullport.sys -- (Nmea)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ANDRES~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/20 11:07:38 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2013/01/10 15:08:16 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2013/01/10 15:08:16 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2013/01/10 15:08:14 | 000,161,368 | ---- | M] (ESET) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2013/01/10 15:08:14 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/11/16 17:24:48 | 000,013,880 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2009/11/15 01:40:46 | 000,005,760 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2009/10/16 09:36:50 | 000,023,552 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2008/10/15 11:58:34 | 000,171,144 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWNC5E00.sys -- (SWNC5E00)
DRV - [2008/10/15 11:58:34 | 000,149,512 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmx00.sys -- (swmx00)
DRV - [2008/10/15 11:58:34 | 000,024,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/10/15 11:58:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/10/15 11:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/04/15 16:36:37 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/04/15 15:29:47 | 000,009,088 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\applebt.sys -- (applebt)
DRV - [2008/02/08 11:00:34 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/02/08 10:58:26 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/02/08 10:57:29 | 000,017,664 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iSightUP.sys -- (iSightUpdate)
DRV - [2008/02/08 10:57:29 | 000,007,680 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iSightFT.sys -- (DevUpper)
DRV - [2008/02/08 10:57:16 | 000,035,072 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aapltp.sys -- (aapltp)
DRV - [2008/02/08 10:57:16 | 000,004,224 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aapltctp.sys -- (aapltctp)
DRV - [2008/02/08 10:56:41 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2008/02/08 10:55:48 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2008/02/08 10:54:57 | 000,007,424 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BthKicker.sys -- (BthKicker)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/10 02:38:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/15 16:47:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/09/01 01:49:30 | 000,000,000 | ---D | M]
 
[2009/07/14 19:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Extensions
[2014/03/21 08:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Firefox\Profiles\bxpp8ck0.default-1352229856765\extensions
[2014/05/10 02:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/10 02:39:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2014/05/23 00:04:34 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\RunOnce: [{67A9EFDF-CBAB-4FED-BD8C-99BA4AA14096}] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-725345543-1659004503-839522115-1003..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} http://www2.stlu.com...eetnoagent7.cab (Street Technologies ActiveX Control Object)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 198.6.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD2D235-40CC-41F6-92FD-03F3708CF1A2}: DhcpNameServer = 10.15.1.163 10.15.1.164 10.15.115.20 10.15.115.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC0F273D-8DE3-48E8-9C63-7F5D437A7ED8}: DhcpNameServer = 198.6.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/17 18:42:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell - "" = AutoRun
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/23 00:04:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/21 23:24:23 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/21 23:12:09 | 001,056,768 | ---- | C] (Farbar) -- C:\Documents and Settings\Andre Stone\Desktop\FRST.exe
[2014/05/21 00:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\Desktop\RK_Quarantine
[2014/05/20 23:55:16 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Andre Stone\Desktop\aswMBR.exe
[2014/05/20 23:26:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\Desktop\OTL.exe
[2014/05/14 22:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/13 08:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
[2014/05/10 02:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 09:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Paperwork
[2014/05/09 09:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\Desktop\Grant Kingsbury
[2014/04/24 10:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\My Documents\Prime Flight
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/23 00:08:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/23 00:04:34 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014/05/22 17:35:20 | 000,572,477 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\S00187430.pdf
[2014/05/22 16:26:29 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/05/21 23:11:24 | 001,056,768 | ---- | M] (Farbar) -- C:\Documents and Settings\Andre Stone\Desktop\FRST.exe
[2014/05/21 00:32:40 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\MBR.dat
[2014/05/20 23:53:01 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Andre Stone\Desktop\aswMBR.exe
[2014/05/20 23:26:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\Desktop\OTL.exe
[2014/05/19 22:54:52 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/05/19 06:14:00 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
[2014/05/18 03:19:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/05/14 09:10:25 | 000,108,728 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice #2.pdf
[2014/05/14 09:08:56 | 000,107,120 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice #2.pdf
[2014/05/10 18:07:30 | 000,523,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/05/10 18:07:30 | 000,095,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/05/09 12:32:56 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/09 12:32:15 | 000,001,050 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Dropbox.lnk
[2014/05/09 09:39:07 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paperwork.lnk
[2014/05/08 16:59:04 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/05/08 12:25:00 | 000,311,948 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub 361.pdf
[2014/05/08 12:23:07 | 000,308,745 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub Pro 950.pdf
[2014/04/29 10:23:31 | 000,075,464 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Gladys.jpg
[2014/04/24 17:25:36 | 000,063,301 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice.pdf
[2014/04/24 17:25:14 | 000,064,675 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice.pdf
 
========== Files Created - No Company Name ==========
 
[2014/05/22 17:35:20 | 000,572,477 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\S00187430.pdf
[2014/05/21 00:32:40 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\MBR.dat
[2014/05/14 09:10:25 | 000,108,728 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice #2.pdf
[2014/05/14 09:08:56 | 000,107,120 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice #2.pdf
[2014/05/09 12:32:56 | 000,001,054 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/08 12:25:00 | 000,311,948 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub 361.pdf
[2014/05/08 12:23:07 | 000,308,745 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub Pro 950.pdf
[2014/04/29 10:23:31 | 000,075,464 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Gladys.jpg
[2014/04/24 17:25:36 | 000,063,301 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice.pdf
[2014/04/24 17:25:14 | 000,064,675 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice.pdf
[2014/02/25 19:16:17 | 000,159,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/09/03 06:10:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/09/03 06:10:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/09/03 06:10:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/09/03 06:10:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/09/03 06:10:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/10/25 01:44:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/07/30 00:40:05 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/04/07 14:39:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/05/06 00:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/09 18:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2013/09/01 01:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012/11/05 11:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBMERS
[2012/10/25 00:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/08/17 12:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint
[2013/02/12 03:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2013/08/15 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\com.kmbs.Paperwork
[2009/12/17 10:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\com.kmbs.Paperwork.A297539FD1E76821C9C59643DA1370B7E26631B8.1
[2014/05/21 00:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Dropbox
[2014/05/12 15:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\DropboxMaster
[2011/07/21 12:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\ESET
[2009/06/09 22:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\GlarySoft
[2013/02/12 05:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\HandBrake
[2012/11/05 11:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\IBMERS
[2010/09/20 13:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Interwise
[2009/01/14 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Learn2.com
[2012/07/18 18:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Oracle
[2009/04/07 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Prism Software Corporation
[2012/10/25 01:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Research In Motion
[2010/08/17 10:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Sierra Wireless
[2014/04/29 11:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Spotify
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2008/04/13 17:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 17:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 06:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 17:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 17:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 10:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 17:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 17:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 17:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 17:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 17:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 17:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [Disabled | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 17:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 17:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 17:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 17:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 17:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 17:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 17:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/26 22:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 17:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 17:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 17:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 17:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 17:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 17:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 17:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 17:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/05/19 02:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 17:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 05:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/13 17:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 17:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/09 23:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
 
< MD5 for: RPCSS.DLL  >
[2009/02/09 03:20:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=01095FEBF33BEEA00C2A0730B9B3EC28 -- C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll
[2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
[2004/08/04 05:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=5C83A4408604F737717AB96371201680 -- C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\rpcss.dll
[2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2005/07/25 21:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005/04/28 12:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=C8061F289E000703E7672916B7FE1571 -- C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2005/07/25 21:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\WINDOWS\$NtUninstallKB956572_0$\rpcss.dll
[2005/04/28 12:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -- C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
 
< MD5 for: SERVICES  >
[2004/08/04 05:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES.CFG  >
[2014/05/08 06:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
 
< MD5 for: SERVICES.EXE  >
[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 10:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\cache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 05:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
 
< MD5 for: SERVICES.LNK  >
[2008/06/17 18:42:40 | 000,001,602 | ---- | M] () MD5=763F6124856F27814A9386FAE01C9FE7 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
 
< MD5 for: SERVICES.MSC  >
[2004/08/04 05:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
 
< MD5 for: SVCHOST.EXE  >
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< C:\Windows\assembly\tmp\U\*.* /s >
[2008/06/17 18:40:32 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008/06/17 18:46:40 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2008/06/18 16:40:36 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/06/09 22:19:24 | 000,000,324 | ---- | C] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2012/04/02 18:16:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/03/07 14:37:58 | 000,000,228 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/07 14:37:59 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/17 09:05:21 | 000,000,526 | ---- | C] () -- C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
 
< %Temp%\smtmp\1\*.* >
 
< %Temp%\smtmp\2\*.* >
 
< %Temp%\smtmp\3\*.* >
 
< %Temp%\smtmp\4\*.* >
 
< dir C:\ /S /A:L /C >
 Volume in drive C is BOOTCAMP
 Volume Serial Number is B478-C02E
 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
02/12/2014  06:40 AM    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
02/12/2014  06:40 AM    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/12/2014  06:43 AM    <JUNCTION>     v4.0_4.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
               3 Dir(s)   4,549,312,512 bytes free
 
< type c:\diskreport.txt /c >
Microsoft DiskPart version 5.1.3565
Copyright © 1999-2003 Microsoft Corporation.
On computer: ANDRESTONE
The disk management services could not complete the operation.

< End of report >
 



#43
Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts
Hi unique. I'll take a look at your logs tomorrow. Assuming nothing new popped up, we only have two easy scans left, then we are done.

#44
unique101sd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Hi Josh,

 

Thanks so much for all your help. I look forward to hearing from you tomorrow.



#45
Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,839 posts
Hi unique. Everything looks good. Try booting into normal Windows now and see what happens. If there are no problems, let's run these scans, then follow the instructions to make sure everything is working.

Step 1

Please download the new Malwarebytes' Anti-Malware from Here.

 
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)

  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch Malwarebytes' Anti-Malware, then click on finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click on Quarantine All.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart. (See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • To submit your reply, click on Add Reply, then right click on the window and select Paste.
  • Submit your reply.

Extra Note:
 
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 2

  • Go to here
  • Click the download button under Kaspersky Security Scan
  • Download and run the file
  • It will start to download the Kaspersky Security Scan program data
  • Once downloaded the installer will begin
  • Click Next
  • Accept the License Agreement
  • Click Install
  • The program will now install
  • Click Finish
  • Kaspersky Security Scan will now start

     
  • Click the Full Scan button

     
  • The scan will take about an hour or two depending on the amount of data on your hard drive
  • If the scan detects problems it will open a Problems found window
  • Click Details to generate a scan results report

     
  • Once the scan is complete do the following:
    • For XP: Navigate to C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot
    • If you can't find the folder then press Windows key + R key at the same time then type the full path name in the run dialog box and press enter
    • Right-click on the HtmlReport folder --> Click Send to --> Click Compressed (zipped) folder
    • Attach the HtmlReport zipped folder to your next post
  • You can now close Kaspersky Security Scan

Step 3

Now let's make sure everything is functioning properly.
First system restore.

  • Go to the start menu
  • Click programs
  • Click accessories
  • Click system tools
  • Click system restore
  • Select Create a restore point
  • Name the point, create and let me know if it succeeds or if you get an error message

Step 4

Now disk management
Make sure not to mess around with anything in disk management as you can erase data here

  • Go to start menu
  • Click control panel
  • Open administrative tools
  • Open computer management
  • On the left side click disk management and let me know if it succeeds or if you get an error message (you should see your hard drives on the right side)
  • close disk management

Step 5

Now event viewer

  • Open administrative tools again but this time open event viewer
  • Select system on the left and let me know if it succeeds or if you get an error message (you should see a bunch of information/warning entries on the right)
  • close event viewer

Step 6

Finally windows update

  • Go to the start menu
  • Go to programs
  • Go to windows update
  • Select the custom button
  • It will say Checking for the latest updates for your computer... and take several minutes or so
  • let me know if it succeeds or if you get an error message (it should look like this on the left side)



Things to see in your next post:
Malwarebytes log
KSS zipped folder
system restore, event viewer, disk management, and windows update results

 

